e8ab06fa0861d51b6a7c58708955a9c776f1f047916bf73328122cd41a48bdce | Triage

Sharing

General

Target

e8ab06fa0861d51b6a7c58708955a9c776f1f047916bf73328122cd41a48bdce
Size

147KB
Sample

230608-vwcbzshb32
MD5

cfbf3f73fb0ce4af1914f1c8f8478475
SHA1

097ab1e8e97a7877c95a7ebc8133844e1c55b194
SHA256

e8ab06fa0861d51b6a7c58708955a9c776f1f047916bf73328122cd41a48bdce
SHA512

336d20b441ab25b6c77a7bd9217e3de8a5e5f943634318ab5d8039fd7b4c9c819c5804d84f91454dabb8e53627875039a4241648402c2ed39b8ba6b3a4a8b98c
SSDEEP

3072:NJJIe5KvcG7P6gnuG+WHgP8lru/BAyhuWVFrag1btJPsx6:NJie8ZP9nw3diWVFmKtJP1

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  e8ab06fa0861d51b6a7c58708955a9c776f1f047916bf73328122cd41a48bdce
- Size
  
  147KB
- MD5
  
  cfbf3f73fb0ce4af1914f1c8f8478475
- SHA1
  
  097ab1e8e97a7877c95a7ebc8133844e1c55b194
- SHA256
  
  e8ab06fa0861d51b6a7c58708955a9c776f1f047916bf73328122cd41a48bdce
- SHA512
  
  336d20b441ab25b6c77a7bd9217e3de8a5e5f943634318ab5d8039fd7b4c9c819c5804d84f91454dabb8e53627875039a4241648402c2ed39b8ba6b3a4a8b98c
- SSDEEP
  
  3072:NJJIe5KvcG7P6gnuG+WHgP8lru/BAyhuWVFrag1btJPsx6:NJie8ZP9nw3diWVFmKtJP1
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1