Overview

overview

10

Static

static

8

d46040b5ef...4b.exe

windows7-x64

10

d46040b5ef...4b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d46040b5ef18812d715ff58c7f912401a2c8639c772c09df59ce47093785ba4b

  • Size

    710KB

  • Sample

    221028-w991vaafb4

  • MD5

    0b149495da33786da24d1f5066073490

  • SHA1

    8ce4343d4e2a3041ad50e26510aec133ca6e2aba

  • SHA256

    d46040b5ef18812d715ff58c7f912401a2c8639c772c09df59ce47093785ba4b

  • SHA512

    28ffd7a608db82cde738eb44b0c1bcc0e9c9220eced8cd8d5fc12912673838cce1147695fb2c984daa0793d76288d33b2b25d74dbd96b452d5a68a12b846a1c2

  • SSDEEP

    12288:d3TdtLW5WIj1YSSdFxd3TdtLW5WIj1YSSdFx0:FDsj1dEVDsj1dE

Score
10/10
aspackv2evasionpersistence

Malware Config

Targets

    • Target

      d46040b5ef18812d715ff58c7f912401a2c8639c772c09df59ce47093785ba4b

    • Size

      710KB

    • MD5

      0b149495da33786da24d1f5066073490

    • SHA1

      8ce4343d4e2a3041ad50e26510aec133ca6e2aba

    • SHA256

      d46040b5ef18812d715ff58c7f912401a2c8639c772c09df59ce47093785ba4b

    • SHA512

      28ffd7a608db82cde738eb44b0c1bcc0e9c9220eced8cd8d5fc12912673838cce1147695fb2c984daa0793d76288d33b2b25d74dbd96b452d5a68a12b846a1c2

    • SSDEEP

      12288:d3TdtLW5WIj1YSSdFxd3TdtLW5WIj1YSSdFx0:FDsj1dEVDsj1dE

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks