3c45602405c0903f950954c3f2c9b277f38a62ef82f875d4583c1b3008fa9257 | Triage

Sharing

General

Target

3c45602405c0903f950954c3f2c9b277f38a62ef82f875d4583c1b3008fa9257
Size

2.7MB
Sample

220703-jxs6cadeb7
MD5

e0f387fa69df95701ef3d4c7b34e361d
SHA1

fe3f0589c1fccdd874dd54d6b73fc552e959b39c
SHA256

3c45602405c0903f950954c3f2c9b277f38a62ef82f875d4583c1b3008fa9257
SHA512

e8abd28dca32d8b2f572dab05e3645d006d1f0f61e629ba9fdf32518c65c3a37869ac94473ba3102905ad3072ddb9238e660fa1219563f167b1ee63abfbbf77f

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  3c45602405c0903f950954c3f2c9b277f38a62ef82f875d4583c1b3008fa9257
- Size
  
  2.7MB
- MD5
  
  e0f387fa69df95701ef3d4c7b34e361d
- SHA1
  
  fe3f0589c1fccdd874dd54d6b73fc552e959b39c
- SHA256
  
  3c45602405c0903f950954c3f2c9b277f38a62ef82f875d4583c1b3008fa9257
- SHA512
  
  e8abd28dca32d8b2f572dab05e3645d006d1f0f61e629ba9fdf32518c65c3a37869ac94473ba3102905ad3072ddb9238e660fa1219563f167b1ee63abfbbf77f
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2