de325ade1755db2e7e701f5de7df83a390071fc9df3645a103fd54e0476b2291 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

de325ade17...91.exe

windows7-x64

8

de325ade17...91.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

de325ade1755db2e7e701f5de7df83a390071fc9df3645a103fd54e0476b2291
Size

300KB
Sample

221031-bgy3nahee6
MD5

91bc13d145b91ac157b2cbc54137a4c0
SHA1

d85a1d94790f5c52feb57a76b81492ec3eef6196
SHA256

de325ade1755db2e7e701f5de7df83a390071fc9df3645a103fd54e0476b2291
SHA512

a26c75bae9f5c103d7269ae8066606c5acad4040f899263f38ac0426f6f00966dd441f41dd28783bb7240c23408ec7e782021c28c713ef3462e41f98cf7bcd70
SSDEEP

6144:GMKLkTzlGz9gOUb2GBqoOkR6loMnKXAOPvL2ADSPOTHM4P/rFEs7UXv5B:BKglGRgOUqmq9kR6lhKXYADSPOzMjkUj

Score

8^/10

aspackv2 persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

de325ade1755db2e7e701f5de7df83a390071fc9df3645a103fd54e0476b2291.exe

Resource

win7-20220812-en

aspackv2 persistence

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

de325ade1755db2e7e701f5de7df83a390071fc9df3645a103fd54e0476b2291.exe

Resource

win10v2004-20220812-en

aspackv2 persistence

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  de325ade1755db2e7e701f5de7df83a390071fc9df3645a103fd54e0476b2291
- Size
  
  300KB
- MD5
  
  91bc13d145b91ac157b2cbc54137a4c0
- SHA1
  
  d85a1d94790f5c52feb57a76b81492ec3eef6196
- SHA256
  
  de325ade1755db2e7e701f5de7df83a390071fc9df3645a103fd54e0476b2291
- SHA512
  
  a26c75bae9f5c103d7269ae8066606c5acad4040f899263f38ac0426f6f00966dd441f41dd28783bb7240c23408ec7e782021c28c713ef3462e41f98cf7bcd70
- SSDEEP
  
  6144:GMKLkTzlGz9gOUb2GBqoOkR6loMnKXAOPvL2ADSPOTHM4P/rFEs7UXv5B:BKglGRgOUqmq9kR6lhKXYADSPOzMjkUj
Score

8^/10

aspackv2 persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence

© 2018-2025

Terms | Privacy