Overview

overview

8

Static

static

8

46b5355b86...b3.exe

windows7_x64

6

46b5355b86...b3.exe

windows10-2004_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    46b5355b86221273b5989ac96f3fcd83a887cb9d2b30276eda33d6b034ddd2b3

  • Size

    3.2MB

  • Sample

    220707-js74pshhg4

  • MD5

    8a6dbbec868a962f60926dcb7a77362f

  • SHA1

    b99e24aca601356c9cde1fca7cce260f542eef16

  • SHA256

    46b5355b86221273b5989ac96f3fcd83a887cb9d2b30276eda33d6b034ddd2b3

  • SHA512

    f58b26e27d53da6779b04159c656549361713594d22a2fe45d2c658054f8176b653edc08b0b42f3abd2e1e97b79162e00968601576a11b7f8e9bc405e1edcbf3

Score
8/10
aspackv2persistence

Malware Config

Targets

    • Target

      46b5355b86221273b5989ac96f3fcd83a887cb9d2b30276eda33d6b034ddd2b3

    • Size

      3.2MB

    • MD5

      8a6dbbec868a962f60926dcb7a77362f

    • SHA1

      b99e24aca601356c9cde1fca7cce260f542eef16

    • SHA256

      46b5355b86221273b5989ac96f3fcd83a887cb9d2b30276eda33d6b034ddd2b3

    • SHA512

      f58b26e27d53da6779b04159c656549361713594d22a2fe45d2c658054f8176b653edc08b0b42f3abd2e1e97b79162e00968601576a11b7f8e9bc405e1edcbf3

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

1
T1091

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

1
T1091

Collection

Exfiltration

Command and Control

Impact

Tasks