401024b77a10a777700ac9b74cf49ac5d0e5f0de6d78fa18a8ef9cd6e893ed16 | Triage

Submit
Reports

Overview

overview

Static

static

8

401024b77a...16.exe

windows7-x64

401024b77a...16.exe

windows10-2004-x64

Sharing

General

Target

401024b77a10a777700ac9b74cf49ac5d0e5f0de6d78fa18a8ef9cd6e893ed16
Size

45KB
Sample

221120-qdmmsahf4x
MD5

0825a8dc788a065f6c83bac0198704a3
SHA1

c5e6eb4acee804a0ae1e3a0cdbb4d40dc5f7d736
SHA256

401024b77a10a777700ac9b74cf49ac5d0e5f0de6d78fa18a8ef9cd6e893ed16
SHA512

d98ac956c651a1a95c96f35bc4fcb4e44e22ef8ec716559cd951c5255169ee7c5dfde5712f43834b965bb5012f18e43984131393f889d026a60c15475479adf6
SSDEEP

768:gAYG+lzc/ujL+yuSElTTrA7e/GMHZHfsOCawygumxmha5:r+9+yVWTI7eDNfsOCVbun

Score

10^/10

aspackv2 evasion persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

401024b77a10a777700ac9b74cf49ac5d0e5f0de6d78fa18a8ef9cd6e893ed16.exe

Resource

win7-20221111-en

aspackv2 evasion persistence

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

401024b77a10a777700ac9b74cf49ac5d0e5f0de6d78fa18a8ef9cd6e893ed16.exe

Resource

win10v2004-20221111-en

aspackv2 evasion persistence

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  401024b77a10a777700ac9b74cf49ac5d0e5f0de6d78fa18a8ef9cd6e893ed16
- Size
  
  45KB
- MD5
  
  0825a8dc788a065f6c83bac0198704a3
- SHA1
  
  c5e6eb4acee804a0ae1e3a0cdbb4d40dc5f7d736
- SHA256
  
  401024b77a10a777700ac9b74cf49ac5d0e5f0de6d78fa18a8ef9cd6e893ed16
- SHA512
  
  d98ac956c651a1a95c96f35bc4fcb4e44e22ef8ec716559cd951c5255169ee7c5dfde5712f43834b965bb5012f18e43984131393f889d026a60c15475479adf6
- SSDEEP
  
  768:gAYG+lzc/ujL+yuSElTTrA7e/GMHZHfsOCawygumxmha5:r+9+yVWTI7eDNfsOCVbun
Score

10^/10

aspackv2 evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

aspackv2evasionpersistence

behavioral2

aspackv2evasionpersistence

© 2018-2024

Terms | Privacy