1506a40e37654906dd909ad7f5de46d4498a1f7c750130bb3c1dc31db08ebb46 | Triage

Sharing

General

Target

NEAS.958f9baafb688c714cad025206864a90.exe
Size

204KB
Sample

231016-w45tyaaa56
MD5

958f9baafb688c714cad025206864a90
SHA1

d23ca180c8c685c31d6697c1fc6419c3d2bdfed4
SHA256

1506a40e37654906dd909ad7f5de46d4498a1f7c750130bb3c1dc31db08ebb46
SHA512

9480dfebaf379f2bf8cd031abdff696e3cbb26ccf5bd083a90a8795f271858081d4c3a8f6809f385ce0ef59f2b11c69cc6cc7257a47eb6ce8ee65b97b0bab268
SSDEEP

3072:yBND8LuYWQ71Jx9+W2saM/5wjI7reAbZxxvIOQjmEWSrrIn3+SjGKWGqpqjmXu:y8LuYnRrkkz2I7qWZIO1EWln3kLGqpXu

Score

8^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  NEAS.958f9baafb688c714cad025206864a90.exe
- Size
  
  204KB
- MD5
  
  958f9baafb688c714cad025206864a90
- SHA1
  
  d23ca180c8c685c31d6697c1fc6419c3d2bdfed4
- SHA256
  
  1506a40e37654906dd909ad7f5de46d4498a1f7c750130bb3c1dc31db08ebb46
- SHA512
  
  9480dfebaf379f2bf8cd031abdff696e3cbb26ccf5bd083a90a8795f271858081d4c3a8f6809f385ce0ef59f2b11c69cc6cc7257a47eb6ce8ee65b97b0bab268
- SSDEEP
  
  3072:yBND8LuYWQ71Jx9+W2saM/5wjI7reAbZxxvIOQjmEWSrrIn3+SjGKWGqpqjmXu:y8LuYnRrkkz2I7qWZIO1EWln3kLGqpXu
Score

8^/10

aspackv2 persistence
- Modifies AppInit DLL entries
  persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2persistence

behavioral2