9d4b24c14cbe0c73b750014d6453db20801d9109e9b53444195ff8f9f5464d87 | Triage

Sharing

General

Target

5c4c10e2985f0594b7473d7802ebe93e.bin
Size

80KB
Sample

230612-b6968aba8z
MD5

a1dffbe36d51ad73d941109542c787ce
SHA1

11f1cb4326bd4c0e9a1a98ee4304c391c874f7fa
SHA256

9d4b24c14cbe0c73b750014d6453db20801d9109e9b53444195ff8f9f5464d87
SHA512

ddb0161c9600edcbbc30418b5205298b78ca30c885bd3b018e09538bc7424c71c7108896c5fa6e09a18b956b1b27b2e7c9dac2fe021fd35428b1f1b23ce307f4
SSDEEP

1536:GRoIXcgh5n5Byw1c0GMYEGrtTY4UOSR3M7EkYt8mB8nhVccQe6R/:HIXvh5nmwLnShYbxRB8hix/R/

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  a328a4e8510854022165818038f1b0578aa34f483cd7f65c548f4e2b6d99ccb1.exe
- Size
  
  148KB
- MD5
  
  5c4c10e2985f0594b7473d7802ebe93e
- SHA1
  
  519fbfae43caa5007c498eaefaffaf956eb1efdb
- SHA256
  
  a328a4e8510854022165818038f1b0578aa34f483cd7f65c548f4e2b6d99ccb1
- SHA512
  
  0d485a80c3f6915ca911165a1bd8dea5f3180a2b78c472fd56fbabda2797ac695277491d6b789c995063f553a7cb36a6a0ec21ba613839d00fa9b9913594431b
- SSDEEP
  
  3072:mDNfk3As30+ATXASRWhPt4ZtuksFATEXjn3CIyhuWVFrag1de0yx:mD5k3As3xyutQtaZWVFmke0
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2