3df39fa4fcad907e856f53641ee025ac42f712c16e73cc295104a8c29c733436 | Triage

Sharing

General

Target

3df39fa4fcad907e856f53641ee025ac42f712c16e73cc295104a8c29c733436
Size

3.2MB
Sample

220701-q7ybdagfb6
MD5

f6f41a8ff2ceefbb922e8f3504310d27
SHA1

6972b44cd344e4ebaf616e7480e83487b92375b4
SHA256

3df39fa4fcad907e856f53641ee025ac42f712c16e73cc295104a8c29c733436
SHA512

2a5d687a455d7d57953bec8310bb64533c5d5f8d7287ca114e435f243b2956df7ee355aea31472c9c6e877c4d5e9c0543a18d2fc9c254c7e84c6cd043cd2f621

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  3df39fa4fcad907e856f53641ee025ac42f712c16e73cc295104a8c29c733436
- Size
  
  3.2MB
- MD5
  
  f6f41a8ff2ceefbb922e8f3504310d27
- SHA1
  
  6972b44cd344e4ebaf616e7480e83487b92375b4
- SHA256
  
  3df39fa4fcad907e856f53641ee025ac42f712c16e73cc295104a8c29c733436
- SHA512
  
  2a5d687a455d7d57953bec8310bb64533c5d5f8d7287ca114e435f243b2956df7ee355aea31472c9c6e877c4d5e9c0543a18d2fc9c254c7e84c6cd043cd2f621
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2