65d3591d7b9e812861bfc619c867b60793f704cd99a4681d1c2a8c1ca2c11e3a | Triage

Sharing

General

Target

d39ad5a55253710f0869adc9e33b604e
Size

7.6MB
Sample

201214-klvm3nfyka
MD5

d39ad5a55253710f0869adc9e33b604e
SHA1

958068a419f4f7a936fee8cb74f8573822600e7d
SHA256

65d3591d7b9e812861bfc619c867b60793f704cd99a4681d1c2a8c1ca2c11e3a
SHA512

e4d9a18e23306978a3f329b2ac1e7bf574a60f6ba85f588a589969a64111cc53360f015dc33b5436311b70633b683ee0ee981b47de54080b04fe672b997ab228

Score

8^/10

aspackv2 persistence spyware

Malware Config

Targets

- Target
  
  d39ad5a55253710f0869adc9e33b604e
- Size
  
  7.6MB
- MD5
  
  d39ad5a55253710f0869adc9e33b604e
- SHA1
  
  958068a419f4f7a936fee8cb74f8573822600e7d
- SHA256
  
  65d3591d7b9e812861bfc619c867b60793f704cd99a4681d1c2a8c1ca2c11e3a
- SHA512
  
  e4d9a18e23306978a3f329b2ac1e7bf574a60f6ba85f588a589969a64111cc53360f015dc33b5436311b70633b683ee0ee981b47de54080b04fe672b997ab228
Score

7^/10

persistence spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespyware

behavioral2