3c717d296fc2aa370a1415d0d1f58a7ecc18aac7806fa2c74e0e4ce8af7b9350 | Triage

Sharing

General

Target

3c717d296fc2aa370a1415d0d1f58a7ecc18aac7806fa2c74e0e4ce8af7b9350
Size

2.5MB
Sample

220703-jakwfscdh9
MD5

fb2869a7012d043fc3a9c74ce4dc5e1c
SHA1

b00fe0a1b1a85fc8c237a336f1ace635a702c61a
SHA256

3c717d296fc2aa370a1415d0d1f58a7ecc18aac7806fa2c74e0e4ce8af7b9350
SHA512

4fae997d7b2630124178d265833a74c3bd2e8344babe0d3eb8bfef5d6b24a394ddce555346e5be645df10ab989551e14a1d046704867444296b0ac00c5f850fb

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  3c717d296fc2aa370a1415d0d1f58a7ecc18aac7806fa2c74e0e4ce8af7b9350
- Size
  
  2.5MB
- MD5
  
  fb2869a7012d043fc3a9c74ce4dc5e1c
- SHA1
  
  b00fe0a1b1a85fc8c237a336f1ace635a702c61a
- SHA256
  
  3c717d296fc2aa370a1415d0d1f58a7ecc18aac7806fa2c74e0e4ce8af7b9350
- SHA512
  
  4fae997d7b2630124178d265833a74c3bd2e8344babe0d3eb8bfef5d6b24a394ddce555346e5be645df10ab989551e14a1d046704867444296b0ac00c5f850fb
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2