b01f77e8d75161e4a6b5c03a63bc7b685cc5ffd2beebc70663650127291869cf | Triage

Sharing

General

Target

b01f77e8d75161e4a6b5c03a63bc7b685cc5ffd2beebc70663650127291869cf
Size

1.5MB
Sample

231004-hp7hbshf9t
MD5

738ad942afc69d947302b583b9d81940
SHA1

8264dfdc3ce1dd02019d8d7b61a10e8bbec40498
SHA256

b01f77e8d75161e4a6b5c03a63bc7b685cc5ffd2beebc70663650127291869cf
SHA512

ec6f1bb300e0ba668755c3fb1be34b8db0f395dfc5a1be92dbb8fb08a0808d941e0074291283edfa055730682faa851bb783317b1f2ae3471e142649d51ea9cc
SSDEEP

49152:zRu/8fB6YfyaXlgDW6lAtWVW0Itg8H5j:NwAwra1gDW6+SFGH

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  b01f77e8d75161e4a6b5c03a63bc7b685cc5ffd2beebc70663650127291869cf
- Size
  
  1.5MB
- MD5
  
  738ad942afc69d947302b583b9d81940
- SHA1
  
  8264dfdc3ce1dd02019d8d7b61a10e8bbec40498
- SHA256
  
  b01f77e8d75161e4a6b5c03a63bc7b685cc5ffd2beebc70663650127291869cf
- SHA512
  
  ec6f1bb300e0ba668755c3fb1be34b8db0f395dfc5a1be92dbb8fb08a0808d941e0074291283edfa055730682faa851bb783317b1f2ae3471e142649d51ea9cc
- SSDEEP
  
  49152:zRu/8fB6YfyaXlgDW6lAtWVW0Itg8H5j:NwAwra1gDW6+SFGH
Score

10^/10

evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan