97f5d4fc087f3989c573da34fb67e813497c111184fc54fa9b3dd444a0ee4107 | Triage

Sharing

General

Target

97f5d4fc087f3989c573da34fb67e813497c111184fc54fa9b3dd444a0ee4107
Size

595KB
Sample

221128-gmj4kseh2z
MD5

d92a911f1eba452431a46ea7c3548e25
SHA1

4f33adc5580d34a168cedc3776811658d3b5edf1
SHA256

97f5d4fc087f3989c573da34fb67e813497c111184fc54fa9b3dd444a0ee4107
SHA512

c673a3ae783b2d0b9126d86fb53869a34c89ebf14c3353a6fa14ee8540a5bd4485f151815fb80e82e11cc0445ef2239450e463bb5228dbbcc5d0e90e324db59f
SSDEEP

12288:ajoLulNd1+QxCF+Ddt8axK1eCxW0lyONdl54W4mSudHuJ63:ajoEX1JxtmsnkBZSeuM3

Score

9^/10

aspackv2 evasion

Malware Config

Targets

- Target
  
  97f5d4fc087f3989c573da34fb67e813497c111184fc54fa9b3dd444a0ee4107
- Size
  
  595KB
- MD5
  
  d92a911f1eba452431a46ea7c3548e25
- SHA1
  
  4f33adc5580d34a168cedc3776811658d3b5edf1
- SHA256
  
  97f5d4fc087f3989c573da34fb67e813497c111184fc54fa9b3dd444a0ee4107
- SHA512
  
  c673a3ae783b2d0b9126d86fb53869a34c89ebf14c3353a6fa14ee8540a5bd4485f151815fb80e82e11cc0445ef2239450e463bb5228dbbcc5d0e90e324db59f
- SSDEEP
  
  12288:ajoLulNd1+QxCF+Ddt8axK1eCxW0lyONdl54W4mSudHuJ63:ajoEX1JxtmsnkBZSeuM3
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Software Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2