45791a45f7ca53620edcb6f584145e173b0e8c9d7b927177ade32a6addfba57e | Triage

Sharing

General

Target

45791a45f7ca53620edcb6f584145e173b0e8c9d7b927177ade32a6addfba57e
Size

196KB
Sample

220707-nzl72ahge3
MD5

eab6ff47deb8f1278071a1297dbdf602
SHA1

81d311da14e185789afe7551250618d5a7babfe8
SHA256

45791a45f7ca53620edcb6f584145e173b0e8c9d7b927177ade32a6addfba57e
SHA512

36759ac1c182325e3c34190a6c9d107ea4d906520155f1b9fb5972c0b00b981e29a00028c0a84cd441d635c04e4710807e2168a2c1e23d67430557c50d5d3548

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  45791a45f7ca53620edcb6f584145e173b0e8c9d7b927177ade32a6addfba57e
- Size
  
  196KB
- MD5
  
  eab6ff47deb8f1278071a1297dbdf602
- SHA1
  
  81d311da14e185789afe7551250618d5a7babfe8
- SHA256
  
  45791a45f7ca53620edcb6f584145e173b0e8c9d7b927177ade32a6addfba57e
- SHA512
  
  36759ac1c182325e3c34190a6c9d107ea4d906520155f1b9fb5972c0b00b981e29a00028c0a84cd441d635c04e4710807e2168a2c1e23d67430557c50d5d3548
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2