657180e809964e2dff82787e7c596b286e0d51dc45cde48b18f1e51727a873a4 | Triage

Sharing

General

Target

657180e809964e2dff82787e7c596b286e0d51dc45cde48b18f1e51727a873a4
Size

4.0MB
Sample

220707-jm6zfsfdgl
MD5

46c2bf2f0f9b00ee3cc557e51ab97a6d
SHA1

cf54bffde67d9758c89a5f80311b67c7348fa730
SHA256

657180e809964e2dff82787e7c596b286e0d51dc45cde48b18f1e51727a873a4
SHA512

437ce3f8184a75fb3ce7e7af68ef9a4bceb169ebc39162e0f3bd9a1043eb205821a501d45ad5342184fab6b6dbb001f91f9b0f15a0fb34c7ed9edc5ac0b78e5e

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  657180e809964e2dff82787e7c596b286e0d51dc45cde48b18f1e51727a873a4
- Size
  
  4.0MB
- MD5
  
  46c2bf2f0f9b00ee3cc557e51ab97a6d
- SHA1
  
  cf54bffde67d9758c89a5f80311b67c7348fa730
- SHA256
  
  657180e809964e2dff82787e7c596b286e0d51dc45cde48b18f1e51727a873a4
- SHA512
  
  437ce3f8184a75fb3ce7e7af68ef9a4bceb169ebc39162e0f3bd9a1043eb205821a501d45ad5342184fab6b6dbb001f91f9b0f15a0fb34c7ed9edc5ac0b78e5e
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2