3cec9cba117d4cb10d836ff60eba1c6e6173b61965f5403f0a9af1da1a018bbf | Triage

Sharing

General

Target

3cec9cba117d4cb10d836ff60eba1c6e6173b61965f5403f0a9af1da1a018bbf
Size

1.5MB
Sample

220703-fgrqsshfc7
MD5

a1f50b963b23ac5055b5269f57481c05
SHA1

c702a63716b94593148a3c52ba03ffe7634fe65e
SHA256

3cec9cba117d4cb10d836ff60eba1c6e6173b61965f5403f0a9af1da1a018bbf
SHA512

b81fdaf3030b2f43a570d6ae41159291a72176c1c7e5a4ce0d64ee5e92560de5ddf372d2f7ee5bd862e918e36ec3d01625d8360e739d1bbe93f660d5312d03ae

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  3cec9cba117d4cb10d836ff60eba1c6e6173b61965f5403f0a9af1da1a018bbf
- Size
  
  1.5MB
- MD5
  
  a1f50b963b23ac5055b5269f57481c05
- SHA1
  
  c702a63716b94593148a3c52ba03ffe7634fe65e
- SHA256
  
  3cec9cba117d4cb10d836ff60eba1c6e6173b61965f5403f0a9af1da1a018bbf
- SHA512
  
  b81fdaf3030b2f43a570d6ae41159291a72176c1c7e5a4ce0d64ee5e92560de5ddf372d2f7ee5bd862e918e36ec3d01625d8360e739d1bbe93f660d5312d03ae
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2