3add6d8cef7fd8bdf80ac06b4fc158561f4efe28572adefdbc16d19c59514001 | Triage

Sharing

General

Target

3add6d8cef7fd8bdf80ac06b4fc158561f4efe28572adefdbc16d19c59514001
Size

3.1MB
Sample

220703-w759waecc6
MD5

a86ba668bb7f4cb8487ff514a62dc5e4
SHA1

295c350f7949195b4bf4dd56a806c4699138dfeb
SHA256

3add6d8cef7fd8bdf80ac06b4fc158561f4efe28572adefdbc16d19c59514001
SHA512

1af0ef07555db29c71ab76e07001f6fcdce4fe4831d7fc6b2f982f996421826471fd7c888a0ae3674100e10b5eeb5503ac9f38f2e1b65ce4e21758f029097dc3

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  3add6d8cef7fd8bdf80ac06b4fc158561f4efe28572adefdbc16d19c59514001
- Size
  
  3.1MB
- MD5
  
  a86ba668bb7f4cb8487ff514a62dc5e4
- SHA1
  
  295c350f7949195b4bf4dd56a806c4699138dfeb
- SHA256
  
  3add6d8cef7fd8bdf80ac06b4fc158561f4efe28572adefdbc16d19c59514001
- SHA512
  
  1af0ef07555db29c71ab76e07001f6fcdce4fe4831d7fc6b2f982f996421826471fd7c888a0ae3674100e10b5eeb5503ac9f38f2e1b65ce4e21758f029097dc3
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2