Overview

overview

8

Static

static

8

466d7669df...b0.exe

windows7_x64

6

466d7669df...b0.exe

windows10-2004_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    466d7669df1357849f8988a47890f7d93501dd333f1e59dc9cda803e37baf1b0

  • Size

    1.4MB

  • Sample

    220707-kq6njabfh5

  • MD5

    dfa1a0f58150f8af4c4575397c3cea40

  • SHA1

    2dabb834a2fda3429634ede3c915de7c0e4ccdb0

  • SHA256

    466d7669df1357849f8988a47890f7d93501dd333f1e59dc9cda803e37baf1b0

  • SHA512

    b7866eb6368da580d24e0226621a0c4f6274b1a66e54d76303a235b3cc88e1b46013bf0ef0eb4d4a8b0b4d65b203b4a56878fce63a5b0825155cd67376c489dc

Score
8/10
aspackv2persistence

Malware Config

Targets

    • Target

      466d7669df1357849f8988a47890f7d93501dd333f1e59dc9cda803e37baf1b0

    • Size

      1.4MB

    • MD5

      dfa1a0f58150f8af4c4575397c3cea40

    • SHA1

      2dabb834a2fda3429634ede3c915de7c0e4ccdb0

    • SHA256

      466d7669df1357849f8988a47890f7d93501dd333f1e59dc9cda803e37baf1b0

    • SHA512

      b7866eb6368da580d24e0226621a0c4f6274b1a66e54d76303a235b3cc88e1b46013bf0ef0eb4d4a8b0b4d65b203b4a56878fce63a5b0825155cd67376c489dc

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

1
T1091

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

1
T1091

Collection

Exfiltration

Command and Control

Impact

Tasks