General
-
Target
2e40f39d4e60afd724d6d1572d9a01e74d2b90dd7b7e94117034301a5046f392
-
Size
1.5MB
-
Sample
231004-e3egxshb3w
-
MD5
45a9512b7444017009e5b01143618542
-
SHA1
033bba437b5d5a4d351584dbafb215c5fa1d9e97
-
SHA256
2e40f39d4e60afd724d6d1572d9a01e74d2b90dd7b7e94117034301a5046f392
-
SHA512
6c392c5630cdabf2e8be2c512eef500d525887ee62567abe018a137b73a2b4c436ec94a4291fce270937e724244d285a62b2c348c67654c7ecd845c2875c130e
-
SSDEEP
24576:9yjf6xQvDXm6U3VpqzYnbczFR5+2lMmF7AUk5PZnNH7Q21teuy9aqzpphtGmbb:Yj1bR5+2lMfxZnNHs21Hy9aMpRGmb
Malware Config
Targets
-
-
Target
2e40f39d4e60afd724d6d1572d9a01e74d2b90dd7b7e94117034301a5046f392
-
Size
1.5MB
-
MD5
45a9512b7444017009e5b01143618542
-
SHA1
033bba437b5d5a4d351584dbafb215c5fa1d9e97
-
SHA256
2e40f39d4e60afd724d6d1572d9a01e74d2b90dd7b7e94117034301a5046f392
-
SHA512
6c392c5630cdabf2e8be2c512eef500d525887ee62567abe018a137b73a2b4c436ec94a4291fce270937e724244d285a62b2c348c67654c7ecd845c2875c130e
-
SSDEEP
24576:9yjf6xQvDXm6U3VpqzYnbczFR5+2lMmF7AUk5PZnNH7Q21teuy9aqzpphtGmbb:Yj1bR5+2lMfxZnNHs21Hy9aMpRGmb
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Windows security modification
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1