Overview

overview

8

Static

static

8

c13d44b167...d1.exe

windows7-x64

6

c13d44b167...d1.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c13d44b1674320a50c42a6a5d59533a511ab74d97bf3be6756ac0895f2f9b2d1

  • Size

    4.1MB

  • Sample

    221128-czjlcsch6w

  • MD5

    ad6c9ea78e9fa8ab5aff5a7dd88215c9

  • SHA1

    1480bb6ceeb6c4bd5c37523c4e389afe890b6754

  • SHA256

    c13d44b1674320a50c42a6a5d59533a511ab74d97bf3be6756ac0895f2f9b2d1

  • SHA512

    fff51939887ffbbb409e969e2471019133c6e9d1e53495b775e5d0669f44b538e742dbb400d3e404311acb08c7a67dd0cb4a012bb103007af545e9cefa31e78f

  • SSDEEP

    49152:DrOVuOsLfUNv9M0GoJdXN0BMOwLloBrugyCWlIssZLi5lKr+ohKPgssSt2gzcY/+:DrOD9XJdXN0B7+s/GU9hv7Sti7

Score
8/10
aspackv2persistence

Malware Config

Targets

    • Target

      c13d44b1674320a50c42a6a5d59533a511ab74d97bf3be6756ac0895f2f9b2d1

    • Size

      4.1MB

    • MD5

      ad6c9ea78e9fa8ab5aff5a7dd88215c9

    • SHA1

      1480bb6ceeb6c4bd5c37523c4e389afe890b6754

    • SHA256

      c13d44b1674320a50c42a6a5d59533a511ab74d97bf3be6756ac0895f2f9b2d1

    • SHA512

      fff51939887ffbbb409e969e2471019133c6e9d1e53495b775e5d0669f44b538e742dbb400d3e404311acb08c7a67dd0cb4a012bb103007af545e9cefa31e78f

    • SSDEEP

      49152:DrOVuOsLfUNv9M0GoJdXN0BMOwLloBrugyCWlIssZLi5lKr+ohKPgssSt2gzcY/+:DrOD9XJdXN0B7+s/GU9hv7Sti7

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

1
T1091

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

1
T1091

Collection

Exfiltration

Command and Control

Impact

Tasks