56c6b80e9f525e9010b47112f8085751e8e3fb744e111df3330b481df6a7e954 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

covid20.exe

windows7_x64

8

covid20.exe

windows10_x64

8

Sharing

General

Target

covid20.exe
Size

4.8MB
Sample

211206-tf8jtaedgn
MD5

fde53eb92140afb22152cfa283ef26cc
SHA1

b975f240e69307f809e54fabf6ea547183edf130
SHA256

56c6b80e9f525e9010b47112f8085751e8e3fb744e111df3330b481df6a7e954
SHA512

df5eaa0e429e618d7c94eab0dd6021d774abe50ad2d200d3608d1d1c50b70e65eccff564baa2fd2b86a5dad999ff7edb04152ac5cbff209fae7d93c329dff771

Score

8^/10

aspackv2 ransomware upx

Static task

static1

Behavioral task

behavioral1

Sample

covid20.exe

Resource

win7-en-20211014

aspackv2 ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

covid20.exe

Resource

win10-en-20211104

aspackv2 ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  covid20.exe
- Size
  
  4.8MB
- MD5
  
  fde53eb92140afb22152cfa283ef26cc
- SHA1
  
  b975f240e69307f809e54fabf6ea547183edf130
- SHA256
  
  56c6b80e9f525e9010b47112f8085751e8e3fb744e111df3330b481df6a7e954
- SHA512
  
  df5eaa0e429e618d7c94eab0dd6021d774abe50ad2d200d3608d1d1c50b70e65eccff564baa2fd2b86a5dad999ff7edb04152ac5cbff209fae7d93c329dff771
Score

8^/10

aspackv2 ransomware
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Tasks

static1

behavioral1

aspackv2ransomware

behavioral2

aspackv2ransomware

© 2018-2024

Terms | Privacy