457b7e62ee2d8327655a921eeb41df0c2726f81c3df3aa42d4a9b053f73ab11a | Triage

Sharing

General

Target

457b7e62ee2d8327655a921eeb41df0c2726f81c3df3aa42d4a9b053f73ab11a
Size

1.6MB
Sample

220707-nyj2aafggk
MD5

65c2a3845a788b99cfe1f590ae201f31
SHA1

b3e09e1de7e9cd00391e2fd3002212658cbcab82
SHA256

457b7e62ee2d8327655a921eeb41df0c2726f81c3df3aa42d4a9b053f73ab11a
SHA512

f1224dd23d9974776ecad83d0c7d3151200f23f5c5ae921454133d93a9aaa323aae1b87d697ed9e39a3c0922807994e0be90024374db331ac5fb345af158eec1

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  457b7e62ee2d8327655a921eeb41df0c2726f81c3df3aa42d4a9b053f73ab11a
- Size
  
  1.6MB
- MD5
  
  65c2a3845a788b99cfe1f590ae201f31
- SHA1
  
  b3e09e1de7e9cd00391e2fd3002212658cbcab82
- SHA256
  
  457b7e62ee2d8327655a921eeb41df0c2726f81c3df3aa42d4a9b053f73ab11a
- SHA512
  
  f1224dd23d9974776ecad83d0c7d3151200f23f5c5ae921454133d93a9aaa323aae1b87d697ed9e39a3c0922807994e0be90024374db331ac5fb345af158eec1
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2