Overview

overview

8

Static

static

8

c16a1691b7...08.exe

windows7-x64

6

c16a1691b7...08.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c16a1691b7a36a75c52582d03294db5df022a1760099ec552d639e3fe0f9cb08

  • Size

    2.6MB

  • Sample

    221128-dtxfpsfb3x

  • MD5

    ad59b4ac335954b8cd31d235d42a11e4

  • SHA1

    1ad2ddf9bf3a9a3ee27d8e9a25a7aaa5f6537391

  • SHA256

    c16a1691b7a36a75c52582d03294db5df022a1760099ec552d639e3fe0f9cb08

  • SHA512

    72b9b8dd8f4b453ab477aa5116eeec5e0afee3f4d5f5c6f68d431f7926e073ca17a88773ce93e2a37765ad215709eddf7ba15ecd4321ddf43f4a2043460b199a

  • SSDEEP

    49152:MV7IirObV7IirObV7IirObV7IirOLljrZqhaK6zbfqdl6A:MsirOZsirOZsirOZsirOdxtA

Score
8/10
aspackv2persistence

Malware Config

Targets

    • Target

      c16a1691b7a36a75c52582d03294db5df022a1760099ec552d639e3fe0f9cb08

    • Size

      2.6MB

    • MD5

      ad59b4ac335954b8cd31d235d42a11e4

    • SHA1

      1ad2ddf9bf3a9a3ee27d8e9a25a7aaa5f6537391

    • SHA256

      c16a1691b7a36a75c52582d03294db5df022a1760099ec552d639e3fe0f9cb08

    • SHA512

      72b9b8dd8f4b453ab477aa5116eeec5e0afee3f4d5f5c6f68d431f7926e073ca17a88773ce93e2a37765ad215709eddf7ba15ecd4321ddf43f4a2043460b199a

    • SSDEEP

      49152:MV7IirObV7IirObV7IirObV7IirOLljrZqhaK6zbfqdl6A:MsirOZsirOZsirOZsirOdxtA

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

1
T1091

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

1
T1091

Collection

Exfiltration

Command and Control

Impact

Tasks