06a80e0fa37a104fb7dfa397d0fb60672f9408d057933e685a7df9be09db52f9 | Triage

Sharing

General

Target

MAMAWEEGEE.exe
Size

146KB
Sample

240424-t9f2nadd6s
MD5

7567087160362c815deda505d2c8e7b7
SHA1

616e5dd2a6dbfc50a716d004a4b2f7a7c0b63b6a
SHA256

06a80e0fa37a104fb7dfa397d0fb60672f9408d057933e685a7df9be09db52f9
SHA512

9722b78a388fb9a332cf91a0874b77f7c12577d2b9f7cbb0ccb011650afa2dbedf9f2d35255492b9403ae7527eb67ab19d308395940f66a897e5d4dae1283108
SSDEEP

3072:R7DhdC6kzWypvaQ0FxyNTBfLRcpx698R9VeF25:RBlkZvaF4NTBjRcrpC+

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  MAMAWEEGEE.exe
- Size
  
  146KB
- MD5
  
  7567087160362c815deda505d2c8e7b7
- SHA1
  
  616e5dd2a6dbfc50a716d004a4b2f7a7c0b63b6a
- SHA256
  
  06a80e0fa37a104fb7dfa397d0fb60672f9408d057933e685a7df9be09db52f9
- SHA512
  
  9722b78a388fb9a332cf91a0874b77f7c12577d2b9f7cbb0ccb011650afa2dbedf9f2d35255492b9403ae7527eb67ab19d308395940f66a897e5d4dae1283108
- SSDEEP
  
  3072:R7DhdC6kzWypvaQ0FxyNTBfLRcpx698R9VeF25:RBlkZvaF4NTBjRcrpC+
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Disables Task Manager via registry modification
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1