9b329ab1596080efc32657c81853ac70dafde01641576d91fd8004923b9a31b0 | Triage

Sharing

General

Target

9b329ab1596080efc32657c81853ac70dafde01641576d91fd8004923b9a31b0
Size

4.4MB
Sample

220707-l5fakaecg8
MD5

4604baa16580cc6c0c075cef8410c6ac
SHA1

6a7f98d5ac984ac394c99a12e40d7cef2b978bee
SHA256

9b329ab1596080efc32657c81853ac70dafde01641576d91fd8004923b9a31b0
SHA512

78fdb1a1f15ea533db38163b42b30af3bb17ffafa60d7c90f0ec8d475342534ff3c22a4aa6f5be45c0a3680b85b516ed788522279eadfdaa33278401699a5bab

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  9b329ab1596080efc32657c81853ac70dafde01641576d91fd8004923b9a31b0
- Size
  
  4.4MB
- MD5
  
  4604baa16580cc6c0c075cef8410c6ac
- SHA1
  
  6a7f98d5ac984ac394c99a12e40d7cef2b978bee
- SHA256
  
  9b329ab1596080efc32657c81853ac70dafde01641576d91fd8004923b9a31b0
- SHA512
  
  78fdb1a1f15ea533db38163b42b30af3bb17ffafa60d7c90f0ec8d475342534ff3c22a4aa6f5be45c0a3680b85b516ed788522279eadfdaa33278401699a5bab
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2