bee03bc05372ef7c1ed5db7609f6f6478c5409a895c9c06815e49ff6e5dedb4c | Triage

Submit
Reports

Overview

overview

8

Static

static

1

bee03bc053...4c.exe

windows7-x64

8

bee03bc053...4c.exe

windows10-2004-x64

8

Sharing

General

Target

bee03bc05372ef7c1ed5db7609f6f6478c5409a895c9c06815e49ff6e5dedb4c
Size

5.1MB
Sample

221125-q5xxtsfc6z
MD5

24f50b04771abd5acb21d3c7e895595f
SHA1

e9b1d7429a399cf40a4280d742becae2fd2cad8c
SHA256

bee03bc05372ef7c1ed5db7609f6f6478c5409a895c9c06815e49ff6e5dedb4c
SHA512

f89ace9168be202da4f50c2c9d8d784d3d6dfa3dc2a8a50c1b709421116bfe93f9564b982288fb801c90ba251a659dbf37455485d1f77d066eb2e1af59c3ed98
SSDEEP

98304:eSqj0iqMNjm/sQDu6/oG5I7dbDNuajw9f91BJNkkVmzIr:eS+pQD2+EdbDbjCBNpr

Score

8^/10

aspackv2 persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bee03bc05372ef7c1ed5db7609f6f6478c5409a895c9c06815e49ff6e5dedb4c.exe

Resource

win7-20221111-en

aspackv2 persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

bee03bc05372ef7c1ed5db7609f6f6478c5409a895c9c06815e49ff6e5dedb4c.exe

Resource

win10v2004-20220812-en

aspackv2 persistence

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  bee03bc05372ef7c1ed5db7609f6f6478c5409a895c9c06815e49ff6e5dedb4c
- Size
  
  5.1MB
- MD5
  
  24f50b04771abd5acb21d3c7e895595f
- SHA1
  
  e9b1d7429a399cf40a4280d742becae2fd2cad8c
- SHA256
  
  bee03bc05372ef7c1ed5db7609f6f6478c5409a895c9c06815e49ff6e5dedb4c
- SHA512
  
  f89ace9168be202da4f50c2c9d8d784d3d6dfa3dc2a8a50c1b709421116bfe93f9564b982288fb801c90ba251a659dbf37455485d1f77d066eb2e1af59c3ed98
- SSDEEP
  
  98304:eSqj0iqMNjm/sQDu6/oG5I7dbDNuajw9f91BJNkkVmzIr:eS+pQD2+EdbDbjCBNpr
Score

8^/10

aspackv2 persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Creates new service(s)
  persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

New Service

Privilege Escalation

New Service

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence

© 2018-2024

Terms | Privacy