455fbd8f17881c452e2403e3d232635e809b018ca3424f68d17a3a94d9a18d8d | Triage

Sharing

General

Target

455fbd8f17881c452e2403e3d232635e809b018ca3424f68d17a3a94d9a18d8d
Size

1.2MB
Sample

220707-tjaf7aacbj
MD5

b0d0912b323a5b0f859c86c3d0a6e741
SHA1

29f5aa265c70300e5f90f720fb5096d7f5ad5f77
SHA256

455fbd8f17881c452e2403e3d232635e809b018ca3424f68d17a3a94d9a18d8d
SHA512

05e7cb7af4446d0602a2b09caf543b7459f7278974701a7160d3f4e2093609d3a8c300070dd5f756ae9b047015a640f1b71ca3016759f5cbae61332a762c8050

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  455fbd8f17881c452e2403e3d232635e809b018ca3424f68d17a3a94d9a18d8d
- Size
  
  1.2MB
- MD5
  
  b0d0912b323a5b0f859c86c3d0a6e741
- SHA1
  
  29f5aa265c70300e5f90f720fb5096d7f5ad5f77
- SHA256
  
  455fbd8f17881c452e2403e3d232635e809b018ca3424f68d17a3a94d9a18d8d
- SHA512
  
  05e7cb7af4446d0602a2b09caf543b7459f7278974701a7160d3f4e2093609d3a8c300070dd5f756ae9b047015a640f1b71ca3016759f5cbae61332a762c8050
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2