46be1ba0ecd422f1fc003d5fdf12650ce286f44cf5481a938973f5e7e6a732b2 | Triage

Sharing

General

Target

46be1ba0ecd422f1fc003d5fdf12650ce286f44cf5481a938973f5e7e6a732b2
Size

2.8MB
Sample

220707-jpww9shgc3
MD5

e9248beadb7a511d17abd7a5468b9e0a
SHA1

8955dd5b1223cc6a67fa32b0c9a7d3049d173289
SHA256

46be1ba0ecd422f1fc003d5fdf12650ce286f44cf5481a938973f5e7e6a732b2
SHA512

17b5befd3651601732a76dc5de448e87590d8ee0d33558e0792c67969527d83499e012bd4ff12624ff48bbd11c51d1fbe2d90194b3860c55727d8de0c80563cb

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  46be1ba0ecd422f1fc003d5fdf12650ce286f44cf5481a938973f5e7e6a732b2
- Size
  
  2.8MB
- MD5
  
  e9248beadb7a511d17abd7a5468b9e0a
- SHA1
  
  8955dd5b1223cc6a67fa32b0c9a7d3049d173289
- SHA256
  
  46be1ba0ecd422f1fc003d5fdf12650ce286f44cf5481a938973f5e7e6a732b2
- SHA512
  
  17b5befd3651601732a76dc5de448e87590d8ee0d33558e0792c67969527d83499e012bd4ff12624ff48bbd11c51d1fbe2d90194b3860c55727d8de0c80563cb
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer