3b1ea47c3532e6e4f8fe72474fd92deaa684edb43731b6551b9d8521fd6dde71 | Triage

Sharing

General

Target

3b1ea47c3532e6e4f8fe72474fd92deaa684edb43731b6551b9d8521fd6dde71
Size

1.9MB
Sample

220703-v761qscfd6
MD5

45b95cc7c7fb61b7f647f57bd29c9d28
SHA1

cbaddeb48d84dee074cb7fde40213edc085108a9
SHA256

3b1ea47c3532e6e4f8fe72474fd92deaa684edb43731b6551b9d8521fd6dde71
SHA512

6752746811f99707b7123bff3dd98dbdf93434e6721cdceeaa105c082dcf7d139604be63afb4a713e92795856f419370172db89c6b188fe4b7d8c28880ca7980

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  3b1ea47c3532e6e4f8fe72474fd92deaa684edb43731b6551b9d8521fd6dde71
- Size
  
  1.9MB
- MD5
  
  45b95cc7c7fb61b7f647f57bd29c9d28
- SHA1
  
  cbaddeb48d84dee074cb7fde40213edc085108a9
- SHA256
  
  3b1ea47c3532e6e4f8fe72474fd92deaa684edb43731b6551b9d8521fd6dde71
- SHA512
  
  6752746811f99707b7123bff3dd98dbdf93434e6721cdceeaa105c082dcf7d139604be63afb4a713e92795856f419370172db89c6b188fe4b7d8c28880ca7980
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2