cad92167f1485252bcdb5a3824c66be38886b8ad333102cad575bc3325ad691d | Triage

Submit
Reports

Overview

overview

8

Static

static

8

cad92167f1...1d.exe

windows7-x64

8

cad92167f1...1d.exe

windows10-2004-x64

8

Sharing

General

Target

cad92167f1485252bcdb5a3824c66be38886b8ad333102cad575bc3325ad691d
Size

324KB
Sample

221128-csr9xsgd73
MD5

81ce949bf717b5232928506f681eaafb
SHA1

16ddf9e90e365539b909d1374561abcc4425070f
SHA256

cad92167f1485252bcdb5a3824c66be38886b8ad333102cad575bc3325ad691d
SHA512

e1f72e7502f1f4439a5d700c749dfbf5ccd08aed4d0a3d50bb080afe92a206d37849652e6eee6faca46a6b7c6afad4e6a3cd1e404ceb45bbaf42c3df5bb8b3b8
SSDEEP

6144:d/j5C+EV3/4YIJ8m1MxUyRzoVOBlYQflIGE:d/s++P4BJTM6++OBlYERE

Score

8^/10

aspackv2 persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cad92167f1485252bcdb5a3824c66be38886b8ad333102cad575bc3325ad691d.exe

Resource

win7-20220812-en

aspackv2 persistence upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

cad92167f1485252bcdb5a3824c66be38886b8ad333102cad575bc3325ad691d.exe

Resource

win10v2004-20220901-en

aspackv2 persistence upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  cad92167f1485252bcdb5a3824c66be38886b8ad333102cad575bc3325ad691d
- Size
  
  324KB
- MD5
  
  81ce949bf717b5232928506f681eaafb
- SHA1
  
  16ddf9e90e365539b909d1374561abcc4425070f
- SHA256
  
  cad92167f1485252bcdb5a3824c66be38886b8ad333102cad575bc3325ad691d
- SHA512
  
  e1f72e7502f1f4439a5d700c749dfbf5ccd08aed4d0a3d50bb080afe92a206d37849652e6eee6faca46a6b7c6afad4e6a3cd1e404ceb45bbaf42c3df5bb8b3b8
- SSDEEP
  
  6144:d/j5C+EV3/4YIJ8m1MxUyRzoVOBlYQflIGE:d/s++P4BJTM6++OBlYERE
Score

8^/10

aspackv2 persistence upx
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Sets DLL path for service in the registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

aspackv2persistenceupx

behavioral2

aspackv2persistenceupx

© 2018-2024

Terms | Privacy