General
- Target: 1847fe775124ff748eff65fde03a4cc3
- Size: 394KB
- Sample: 231225-mvcmcsgdfp
- MD5: 1847fe775124ff748eff65fde03a4cc3
- SHA1: 84eb8486cd503e3ed4f64242cd6c18f8c939ee7f
- SHA256: c9deff45942213d2e685f7b8c81568c35e7d93f99e22b260051dba54d4c60c8b
- SHA512: 1e215fc42fc1bca1f8dc56b4e180154462193e6f7847ba84b0d6821bcbebeebab203ad659e19bab1099f7fa5e6c9782c2c53ef40b5d4892fcc89ab56b7a77d6f
- SSDEEP: 12288:3LPv0G05zrYUlP7aOsjdccUiDe2tmlUiOQ:bH0GWzrRlfsh4ia
Static task
- static1
Behavioral task
- behavioral1
  - Sample: 1847fe775124ff748eff65fde03a4cc3.exe
  - Resource: win7-20231215-en
Behavioral task
- behavioral2
  - Sample: 1847fe775124ff748eff65fde03a4cc3.exe
  - Resource: win10v2004-20231222-en
Malware Config
Targets
- Target: 1847fe775124ff748eff65fde03a4cc3
- Contains code to disable Windows Defender
  A .NET executable tasked with disabling Windows Defender capabilities such as real-time monitoring, block at first sight, etc.
- Modifies security service
- Quasar payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
- Create or Modify System Process (2)
  - Windows Service (2)
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Scheduled Task/Job (1)
Privilege Escalation
- Create or Modify System Process (2)
  - Windows Service (2)
- Abuse Elevation Control Mechanism (1)
  - Bypass User Account Control (1)
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Scheduled Task/Job (1)