5f38a5081b59af407966417e506bb77fc23d13307f91569a9cb50d8d1548bfb1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f38a5081b59af407966417e506bb77fc23d13307f91569a9cb50d8d1548bfb1
Size

147KB
Sample

230608-v529rsaa31
MD5

6a63343700558f7383fd5725ab378fc5
SHA1

108c1253aad9d25ebdfba72df7fa2bcc96d346d3
SHA256

5f38a5081b59af407966417e506bb77fc23d13307f91569a9cb50d8d1548bfb1
SHA512

1113d2b9dcd63ecad035958cc1f8b75b93118183683a5c0aae18003ff1fdf8f17f9702924d3f2d5aaedcdb6ca00d5f49019c398153f8bb021fe00fc9f556f28c
SSDEEP

3072:nJJIe5KvcG7P6gnuGxOv8lruxBAyhuWVFrag1btNhPsx:nJie8ZP9nKiWVFmKtfP

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  5f38a5081b59af407966417e506bb77fc23d13307f91569a9cb50d8d1548bfb1
- Size
  
  147KB
- MD5
  
  6a63343700558f7383fd5725ab378fc5
- SHA1
  
  108c1253aad9d25ebdfba72df7fa2bcc96d346d3
- SHA256
  
  5f38a5081b59af407966417e506bb77fc23d13307f91569a9cb50d8d1548bfb1
- SHA512
  
  1113d2b9dcd63ecad035958cc1f8b75b93118183683a5c0aae18003ff1fdf8f17f9702924d3f2d5aaedcdb6ca00d5f49019c398153f8bb021fe00fc9f556f28c
- SSDEEP
  
  3072:nJJIe5KvcG7P6gnuGxOv8lruxBAyhuWVFrag1btNhPsx:nJie8ZP9nKiWVFmKtfP
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1