116156f44fd3cca9f7d7abc14ec494beee458b1be8cd3f19adb23c5ff66fdf70 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

k8396716.exe
Size

135KB
Sample

230701-egkf2sfe42
MD5

8d18010e810542c905ae325eff587c8f
SHA1

6e083d5f85aea43994d29e2af53bb15364c07aed
SHA256

116156f44fd3cca9f7d7abc14ec494beee458b1be8cd3f19adb23c5ff66fdf70
SHA512

3836680ff53999600dec47931edf8c285e0284c23cb8f48f990c87305a5407ebe3a9ae17c3ba27d8ce28e0ae2a12c12ebb88fdc532390ff8f7155251e899a3f7
SSDEEP

3072:HdeOm13rtAomZOIdHrJOXVDQvDECnKBwqbiegGVsQKO05qVvk05oWRQx2WR3xx:HdeOmxQvhKW2g30yQdQb

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  k8396716.exe
- Size
  
  135KB
- MD5
  
  8d18010e810542c905ae325eff587c8f
- SHA1
  
  6e083d5f85aea43994d29e2af53bb15364c07aed
- SHA256
  
  116156f44fd3cca9f7d7abc14ec494beee458b1be8cd3f19adb23c5ff66fdf70
- SHA512
  
  3836680ff53999600dec47931edf8c285e0284c23cb8f48f990c87305a5407ebe3a9ae17c3ba27d8ce28e0ae2a12c12ebb88fdc532390ff8f7155251e899a3f7
- SSDEEP
  
  3072:HdeOm13rtAomZOIdHrJOXVDQvDECnKBwqbiegGVsQKO05qVvk05oWRQx2WR3xx:HdeOmxQvhKW2g30yQdQb
Score

10^/10

evasion trojan
- Detects Healer an antivirus disabler dropper
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2