45a322c1d74363a9990dc8fba22d9346ac280343f99bfca4db9888db261183a4 | Triage

Sharing

General

Target

45a322c1d74363a9990dc8fba22d9346ac280343f99bfca4db9888db261183a4
Size

1.8MB
Sample

220707-ndwjksegek
MD5

f62bbbd33792447dd61bf363bc5ac97b
SHA1

11736f86f28840dd5323ee43a30631eb8e1165a0
SHA256

45a322c1d74363a9990dc8fba22d9346ac280343f99bfca4db9888db261183a4
SHA512

55510402b7a495575c75c9d8fc7b7795f5206502b0e596129621a4c4fc84be41d025168989acaa0d503775e1006ad14ad8fb1a9a47dd4b5bae2e5d6b8f476ae4

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  45a322c1d74363a9990dc8fba22d9346ac280343f99bfca4db9888db261183a4
- Size
  
  1.8MB
- MD5
  
  f62bbbd33792447dd61bf363bc5ac97b
- SHA1
  
  11736f86f28840dd5323ee43a30631eb8e1165a0
- SHA256
  
  45a322c1d74363a9990dc8fba22d9346ac280343f99bfca4db9888db261183a4
- SHA512
  
  55510402b7a495575c75c9d8fc7b7795f5206502b0e596129621a4c4fc84be41d025168989acaa0d503775e1006ad14ad8fb1a9a47dd4b5bae2e5d6b8f476ae4
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2