01a29ca6a7852408fb515eeab5d5a0a378725b69460ce7b33d0e06cdee3e14a1 | Triage

Sharing

General

Target

NEAS.a1605551f5f51a61d20a6a5bfdfda370.exe
Size

206KB
Sample

231102-varvjsca89
MD5

a1605551f5f51a61d20a6a5bfdfda370
SHA1

efd6126a054b17a73025067041d6fcaf5fa58ff6
SHA256

01a29ca6a7852408fb515eeab5d5a0a378725b69460ce7b33d0e06cdee3e14a1
SHA512

884d1049d5aaddc5bef7a6c1901ee5469f885cb9e11fcc915952e891d857935e803d95260448288f6d00a61894c88066c55bf743d061ff6cc21da3afe1a1fc15
SSDEEP

6144:t6vPAfc8qjPVEw5f7IqfkZqFG8v6ZR0jQlsELGqpXQ:t6AaR5f7IqfkGGmElZXQ

Score

8^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  NEAS.a1605551f5f51a61d20a6a5bfdfda370.exe
- Size
  
  206KB
- MD5
  
  a1605551f5f51a61d20a6a5bfdfda370
- SHA1
  
  efd6126a054b17a73025067041d6fcaf5fa58ff6
- SHA256
  
  01a29ca6a7852408fb515eeab5d5a0a378725b69460ce7b33d0e06cdee3e14a1
- SHA512
  
  884d1049d5aaddc5bef7a6c1901ee5469f885cb9e11fcc915952e891d857935e803d95260448288f6d00a61894c88066c55bf743d061ff6cc21da3afe1a1fc15
- SSDEEP
  
  6144:t6vPAfc8qjPVEw5f7IqfkZqFG8v6ZR0jQlsELGqpXQ:t6AaR5f7IqfkGGmElZXQ
Score

8^/10

aspackv2 persistence
- Modifies AppInit DLL entries
  persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence