Overview

overview

8

Static

static

8

468b913527...50.exe

windows7_x64

6

468b913527...50.exe

windows10-2004_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    468b9135276bf894506ba102104497be5993120e467a497645b5dc1852618c50

  • Size

    1.2MB

  • Sample

    220707-kcw7yagghr

  • MD5

    4a27e104a9dd61b06ade8a9332343034

  • SHA1

    686f13faf61d844309687c9bd27ec258934cd17d

  • SHA256

    468b9135276bf894506ba102104497be5993120e467a497645b5dc1852618c50

  • SHA512

    51ccc96dd6511b6866339666efa6292c937a007ba976a0e641e36b657cd3951950cd13042f1e4403715c417e98f3c4fba797903ce3002607e70f7dfaa5fdd136

Score
8/10
aspackv2persistence

Malware Config

Targets

    • Target

      468b9135276bf894506ba102104497be5993120e467a497645b5dc1852618c50

    • Size

      1.2MB

    • MD5

      4a27e104a9dd61b06ade8a9332343034

    • SHA1

      686f13faf61d844309687c9bd27ec258934cd17d

    • SHA256

      468b9135276bf894506ba102104497be5993120e467a497645b5dc1852618c50

    • SHA512

      51ccc96dd6511b6866339666efa6292c937a007ba976a0e641e36b657cd3951950cd13042f1e4403715c417e98f3c4fba797903ce3002607e70f7dfaa5fdd136

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

1
T1091

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

1
T1091

Collection

Exfiltration

Command and Control

Impact

Tasks