Overview

overview

8

Static

static

8

3da91a2695...ad.exe

windows7_x64

7

3da91a2695...ad.exe

windows10-2004_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3da91a26959d5ff40780540bd4c813a95008f239c99d044769b68ff8d3f5fead

  • Size

    1.7MB

  • Sample

    220701-sjgptshedj

  • MD5

    bd1e97bed63415edee6c16d8bc4f849d

  • SHA1

    936018030e897b47a0bcf903da9751f2a700eab9

  • SHA256

    3da91a26959d5ff40780540bd4c813a95008f239c99d044769b68ff8d3f5fead

  • SHA512

    6029287f5a193aa28848db8300f7b636f260234ce838ededb8725c57c7de8ec20905a292d76b30de42d8abecc104d9e38d5906b91a330d3fe6d14578fd378140

Score
8/10
aspackv2persistencespywarestealer

Malware Config

Targets

    • Target

      3da91a26959d5ff40780540bd4c813a95008f239c99d044769b68ff8d3f5fead

    • Size

      1.7MB

    • MD5

      bd1e97bed63415edee6c16d8bc4f849d

    • SHA1

      936018030e897b47a0bcf903da9751f2a700eab9

    • SHA256

      3da91a26959d5ff40780540bd4c813a95008f239c99d044769b68ff8d3f5fead

    • SHA512

      6029287f5a193aa28848db8300f7b636f260234ce838ededb8725c57c7de8ec20905a292d76b30de42d8abecc104d9e38d5906b91a330d3fe6d14578fd378140

    Score
    7/10
    persistencespywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

1
T1091

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Replication Through Removable Media

1
T1091

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks