3e268987c5da371520608fd097c6f2613abaf410171db27c0120724e42a6b078 | Triage

Sharing

General

Target

3e268987c5da371520608fd097c6f2613abaf410171db27c0120724e42a6b078
Size

922KB
Sample

220701-kb9rmsddg3
MD5

f59dd42dcf044830429735b7dd4f5e58
SHA1

7e519f0c56e88ee2ae2a4605ce0d54d1295952f2
SHA256

3e268987c5da371520608fd097c6f2613abaf410171db27c0120724e42a6b078
SHA512

cae547319580e74592e6f95758e041560a1ed470394c36784a391de8ae839aca7920de1158450cdc5150a5b4d214b178f8945bae9b6604c0114959af2123a2eb

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  3e268987c5da371520608fd097c6f2613abaf410171db27c0120724e42a6b078
- Size
  
  922KB
- MD5
  
  f59dd42dcf044830429735b7dd4f5e58
- SHA1
  
  7e519f0c56e88ee2ae2a4605ce0d54d1295952f2
- SHA256
  
  3e268987c5da371520608fd097c6f2613abaf410171db27c0120724e42a6b078
- SHA512
  
  cae547319580e74592e6f95758e041560a1ed470394c36784a391de8ae839aca7920de1158450cdc5150a5b4d214b178f8945bae9b6604c0114959af2123a2eb
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2