Overview

overview

8

Static

static

8

3ce95c12c4...6e.exe

windows7_x64

6

3ce95c12c4...6e.exe

windows10-2004_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3ce95c12c41b7523a18bba5eeb77cf3e0818b288bf4eb70f4190438f4673c46e

  • Size

    2.3MB

  • Sample

    220703-fh746sfggq

  • MD5

    80fad658ee819a0b3632d8cfc935626d

  • SHA1

    c7c185e6a8c400e9f2d6948b87e7a752cfead59c

  • SHA256

    3ce95c12c41b7523a18bba5eeb77cf3e0818b288bf4eb70f4190438f4673c46e

  • SHA512

    c64e2654f3c313716a20ed1556e725696368d6521d3c5fa60db176b1e07018b3787c6435c9b92b66dd8cf8297b823f0ec62d0c4d86e07a1f384f0b3db9c3160f

Score
8/10
aspackv2persistence

Malware Config

Targets

    • Target

      3ce95c12c41b7523a18bba5eeb77cf3e0818b288bf4eb70f4190438f4673c46e

    • Size

      2.3MB

    • MD5

      80fad658ee819a0b3632d8cfc935626d

    • SHA1

      c7c185e6a8c400e9f2d6948b87e7a752cfead59c

    • SHA256

      3ce95c12c41b7523a18bba5eeb77cf3e0818b288bf4eb70f4190438f4673c46e

    • SHA512

      c64e2654f3c313716a20ed1556e725696368d6521d3c5fa60db176b1e07018b3787c6435c9b92b66dd8cf8297b823f0ec62d0c4d86e07a1f384f0b3db9c3160f

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

1
T1091

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

1
T1091

Collection

Exfiltration

Command and Control

Impact

Tasks