7bfffae521bf579cd33463deb7e19ce83c69a5ab40bb71af96c3fe141c7b16fd | Triage

Sharing

General

Target

NEAS.fa2f8ea0dface3b3e935b106edef4150.exe
Size

3.5MB
Sample

231103-sfxlwadc6w
MD5

fa2f8ea0dface3b3e935b106edef4150
SHA1

1944790945d8b7fee88d474404eb90b89d9384d6
SHA256

7bfffae521bf579cd33463deb7e19ce83c69a5ab40bb71af96c3fe141c7b16fd
SHA512

d0b3b0df5a5190444290b4e538546d01e7384d564bdd1aa86786f4f6b5ef759277627cb7ead3b79a9fd36b2c3c963aab7eb5b0c19378358fd09bb195dcd76827
SSDEEP

49152:mMXEiGdi/R+kKp+6FlLlCYuJPA3LBuq8NBU8AxdwDHVfv9ytA8Wpl+SJ8lQqhq:aBp+gtlCRiSJ8

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  NEAS.fa2f8ea0dface3b3e935b106edef4150.exe
- Size
  
  3.5MB
- MD5
  
  fa2f8ea0dface3b3e935b106edef4150
- SHA1
  
  1944790945d8b7fee88d474404eb90b89d9384d6
- SHA256
  
  7bfffae521bf579cd33463deb7e19ce83c69a5ab40bb71af96c3fe141c7b16fd
- SHA512
  
  d0b3b0df5a5190444290b4e538546d01e7384d564bdd1aa86786f4f6b5ef759277627cb7ead3b79a9fd36b2c3c963aab7eb5b0c19378358fd09bb195dcd76827
- SSDEEP
  
  49152:mMXEiGdi/R+kKp+6FlLlCYuJPA3LBuq8NBU8AxdwDHVfv9ytA8Wpl+SJ8lQqhq:aBp+gtlCRiSJ8
Score

10^/10

evasion persistence
- Modifies security service
  evasion
- Sets DLL path for service in the registry
  persistence
- Checks for any installed AV software in registry
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence