681503e3e93dbbb94c9e8b50b55a664e70c554677f29327501291736fedec9ad | Triage

Sharing

General

Target

681503e3e93dbbb94c9e8b50b55a664e70c554677f29327501291736fedec9ad
Size

1.3MB
Sample

220707-nsa67ahdf6
MD5

4587acebe88fb88576bc698788cfb541
SHA1

9dbaf26d5934fba8acffa597b2830a64ddd9f207
SHA256

681503e3e93dbbb94c9e8b50b55a664e70c554677f29327501291736fedec9ad
SHA512

e91cb4869f5b2b521bddd2f20f35de3c248ea33ebdb7d26137ced4f3dd3616ec43fa25e9d11ea6f0caf09a06e50d772c05ecb1bf94dddd868430ac94a31669de

Score

8^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  681503e3e93dbbb94c9e8b50b55a664e70c554677f29327501291736fedec9ad
- Size
  
  1.3MB
- MD5
  
  4587acebe88fb88576bc698788cfb541
- SHA1
  
  9dbaf26d5934fba8acffa597b2830a64ddd9f207
- SHA256
  
  681503e3e93dbbb94c9e8b50b55a664e70c554677f29327501291736fedec9ad
- SHA512
  
  e91cb4869f5b2b521bddd2f20f35de3c248ea33ebdb7d26137ced4f3dd3616ec43fa25e9d11ea6f0caf09a06e50d772c05ecb1bf94dddd868430ac94a31669de
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2