c837e405159f1dbba789741991eed2be7ef8d49e130a6c908a04e51d7df85e8d | Triage

Resubmissions

06-07-2024 14:49

240706-r6zcqa1flm 10

06-07-2024 12:23

240706-pklhmaybkr 10

Sharing

General

Target

Windows Defender - Disable.reg
Size

2KB
Sample

240706-r6zcqa1flm
MD5

8f7f24568ff5c6bf0b22045c3c2c390f
SHA1

19c8951ab9293b5bbb19054853c4d94804672e1f
SHA256

c837e405159f1dbba789741991eed2be7ef8d49e130a6c908a04e51d7df85e8d
SHA512

ea2fdb097a439345ae48358a61121c92cc393b8ccca6cd6cb559fa385553ca5696698475f3e2726bd105c0a9cda0e147be121ad60624ce925f8917889a158d70

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  Windows Defender - Disable.reg
- Size
  
  2KB
- MD5
  
  8f7f24568ff5c6bf0b22045c3c2c390f
- SHA1
  
  19c8951ab9293b5bbb19054853c4d94804672e1f
- SHA256
  
  c837e405159f1dbba789741991eed2be7ef8d49e130a6c908a04e51d7df85e8d
- SHA512
  
  ea2fdb097a439345ae48358a61121c92cc393b8ccca6cd6cb559fa385553ca5696698475f3e2726bd105c0a9cda0e147be121ad60624ce925f8917889a158d70
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2