e49e14672de3a468cc660fd18ec801bea97f0d862279ca37a08956519e005e20 | Triage

Sharing

General

Target

e49e14672de3a468cc660fd18ec801bea97f0d862279ca37a08956519e005e20
Size

1.5MB
Sample

220703-ttehwsgdbn
MD5

3b7ad8b81c8bc01bce5456118f026703
SHA1

f19711c4eb758406744e7f0673c9aa8265c83328
SHA256

e49e14672de3a468cc660fd18ec801bea97f0d862279ca37a08956519e005e20
SHA512

a9cebc8efa6873434b4ff597087a0b2b083171068958e67a7d1c1e42016956c7e278d86b8b587d6051b3665c03924e1c016e2cdab707503c9e5037062d19d13e

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  e49e14672de3a468cc660fd18ec801bea97f0d862279ca37a08956519e005e20
- Size
  
  1.5MB
- MD5
  
  3b7ad8b81c8bc01bce5456118f026703
- SHA1
  
  f19711c4eb758406744e7f0673c9aa8265c83328
- SHA256
  
  e49e14672de3a468cc660fd18ec801bea97f0d862279ca37a08956519e005e20
- SHA512
  
  a9cebc8efa6873434b4ff597087a0b2b083171068958e67a7d1c1e42016956c7e278d86b8b587d6051b3665c03924e1c016e2cdab707503c9e5037062d19d13e
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2