3ba00f48a6a9c88f39efab9a64d15cc1514786b1e1bd3b9ba774bc168d269010 | Triage

Sharing

General

Target

3ba00f48a6a9c88f39efab9a64d15cc1514786b1e1bd3b9ba774bc168d269010
Size

2.7MB
Sample

220703-l7xbvsghe9
MD5

ab20ec17e0b833e094f78f9be816ae69
SHA1

b094a8ebf14eb310ed9e97b5c9c9457c3e0cfb48
SHA256

3ba00f48a6a9c88f39efab9a64d15cc1514786b1e1bd3b9ba774bc168d269010
SHA512

d75be4c6285d07c915efd5a16802858edf25a127eb38b7ae88db217eaa13d15a27b448c28c3c4930129286c274cf4d00e68b2fd9438b41bf189422f3c7539909

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  3ba00f48a6a9c88f39efab9a64d15cc1514786b1e1bd3b9ba774bc168d269010
- Size
  
  2.7MB
- MD5
  
  ab20ec17e0b833e094f78f9be816ae69
- SHA1
  
  b094a8ebf14eb310ed9e97b5c9c9457c3e0cfb48
- SHA256
  
  3ba00f48a6a9c88f39efab9a64d15cc1514786b1e1bd3b9ba774bc168d269010
- SHA512
  
  d75be4c6285d07c915efd5a16802858edf25a127eb38b7ae88db217eaa13d15a27b448c28c3c4930129286c274cf4d00e68b2fd9438b41bf189422f3c7539909
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2