de048753f687a726312de3ad7f8f0e05966fdd5207942d4a4a82488ff2936248 | Triage

Submit
Reports

Overview

overview

Static

static

8

de048753f6...48.exe

windows7_x64

de048753f6...48.exe

windows10_x64

Sharing

General

Target

de048753f687a726312de3ad7f8f0e05966fdd5207942d4a4a82488ff2936248
Size

231KB
Sample

210505-9yaxxyw9r6
MD5

6b699598d9b88107f16ea4977a39dd2c
SHA1

28ae2c9fe6ae8ca1e891d32094e159684363cef1
SHA256

de048753f687a726312de3ad7f8f0e05966fdd5207942d4a4a82488ff2936248
SHA512

668ca675242b843f7781df225c4156b2b7722b7f7a5afe9233e45ff587546ac5d35f282f43fc518228ae7591290f4bb0da5aada839bcfe1ee255f98c694d0050

Score

10^/10

aspackv2 persistence

Static task

static1

Behavioral task

behavioral1

Sample

de048753f687a726312de3ad7f8f0e05966fdd5207942d4a4a82488ff2936248.exe

Resource

win7v20210408

aspackv2 persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

de048753f687a726312de3ad7f8f0e05966fdd5207942d4a4a82488ff2936248.exe

Resource

win10v20210410

aspackv2 persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  de048753f687a726312de3ad7f8f0e05966fdd5207942d4a4a82488ff2936248
- Size
  
  231KB
- MD5
  
  6b699598d9b88107f16ea4977a39dd2c
- SHA1
  
  28ae2c9fe6ae8ca1e891d32094e159684363cef1
- SHA256
  
  de048753f687a726312de3ad7f8f0e05966fdd5207942d4a4a82488ff2936248
- SHA512
  
  668ca675242b843f7781df225c4156b2b7722b7f7a5afe9233e45ff587546ac5d35f282f43fc518228ae7591290f4bb0da5aada839bcfe1ee255f98c694d0050
Score

10^/10

aspackv2 persistence
- Modifies system executable filetype association
  persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence

© 2018-2024

Terms | Privacy