dff8b3965ec4b96b84729469a90d3afdaab470e1d4140951feca16c86ea4950d | Triage

Submit
Reports

Overview

overview

8

Static

static

8

dff8b3965e...0d.exe

windows7-x64

8

dff8b3965e...0d.exe

windows10-2004-x64

8

Sharing

General

Target

dff8b3965ec4b96b84729469a90d3afdaab470e1d4140951feca16c86ea4950d
Size

292KB
Sample

221124-pc89qacf97
MD5

a3ab57bec982261a8f2107be8462023d
SHA1

8c68c03075d90d71ce2f222314c9ef7b439cb08d
SHA256

dff8b3965ec4b96b84729469a90d3afdaab470e1d4140951feca16c86ea4950d
SHA512

6345b1768925f61c08ec2b43d046d61140cc7d3c427bebae18ee143839083ea16955d32f60d95b82bfdcf2b1f413168d497b95f12d22a377cf01ca2765d9b554
SSDEEP

6144:sN+HTr4epupP3/4YIJ8m1MxUyRzoVOBlYQflIGy:sNgrZ4P4BJTM6++OBlYERy

Score

8^/10

aspackv2 persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

dff8b3965ec4b96b84729469a90d3afdaab470e1d4140951feca16c86ea4950d.exe

Resource

win7-20220812-en

aspackv2 persistence upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

dff8b3965ec4b96b84729469a90d3afdaab470e1d4140951feca16c86ea4950d.exe

Resource

win10v2004-20220812-en

aspackv2 persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  dff8b3965ec4b96b84729469a90d3afdaab470e1d4140951feca16c86ea4950d
- Size
  
  292KB
- MD5
  
  a3ab57bec982261a8f2107be8462023d
- SHA1
  
  8c68c03075d90d71ce2f222314c9ef7b439cb08d
- SHA256
  
  dff8b3965ec4b96b84729469a90d3afdaab470e1d4140951feca16c86ea4950d
- SHA512
  
  6345b1768925f61c08ec2b43d046d61140cc7d3c427bebae18ee143839083ea16955d32f60d95b82bfdcf2b1f413168d497b95f12d22a377cf01ca2765d9b554
- SSDEEP
  
  6144:sN+HTr4epupP3/4YIJ8m1MxUyRzoVOBlYQflIGy:sNgrZ4P4BJTM6++OBlYERy
Score

8^/10

aspackv2 persistence upx
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Sets DLL path for service in the registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

aspackv2persistenceupx

behavioral2

aspackv2persistenceupx

© 2018-2024

Terms | Privacy