52ec2bb551c23ecd0aad847e5fbe3e0370b0f7684e7c8b00807ac497b370e732 | Triage

Submit
Reports

Overview

overview

Static

static

8

52ec2bb551...32.exe

windows10_x64

Sharing

General

Target

52ec2bb551c23ecd0aad847e5fbe3e0370b0f7684e7c8b00807ac497b370e732
Size

2.7MB
Sample

210817-ky93l67kaa
MD5

ce01abae632039492328b5d9920a572c
SHA1

62709acf15da719ee84d692834176de59ab32c9e
SHA256

52ec2bb551c23ecd0aad847e5fbe3e0370b0f7684e7c8b00807ac497b370e732
SHA512

afdcfe14ce9396f77c238c93090c1e03dfc74959b0b1229e2410ed119c68bbd4196efd3d8a291a1e45325caf9a17001a5122ead1538bb1766b9cac57c18703b0

Score

10^/10

aspackv2 persistence

Static task

static1

Behavioral task

behavioral1

Sample

52ec2bb551c23ecd0aad847e5fbe3e0370b0f7684e7c8b00807ac497b370e732.exe

Resource

win10v20210410

aspackv2 persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  52ec2bb551c23ecd0aad847e5fbe3e0370b0f7684e7c8b00807ac497b370e732
- Size
  
  2.7MB
- MD5
  
  ce01abae632039492328b5d9920a572c
- SHA1
  
  62709acf15da719ee84d692834176de59ab32c9e
- SHA256
  
  52ec2bb551c23ecd0aad847e5fbe3e0370b0f7684e7c8b00807ac497b370e732
- SHA512
  
  afdcfe14ce9396f77c238c93090c1e03dfc74959b0b1229e2410ed119c68bbd4196efd3d8a291a1e45325caf9a17001a5122ead1538bb1766b9cac57c18703b0
Score

10^/10

aspackv2 persistence
- Modifies WinLogon for persistence
  persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Drops startup file
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

aspackv2persistence

© 2018-2024

Terms | Privacy