Overview

overview

8

Static

static

a038aac591...31.exe

windows7-x64

8

a038aac591...31.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a038aac59192be4a1f73fa83e12396938fb932a0d82bc1bb48ea850e02e67431

  • Size

    265KB

  • Sample

    221129-hnhgtafa24

  • MD5

    43ce4f94cd4cbd6f595167ad339c8e22

  • SHA1

    462b5fe8d9bc7f0f691272174ae2542ccbddb44e

  • SHA256

    a038aac59192be4a1f73fa83e12396938fb932a0d82bc1bb48ea850e02e67431

  • SHA512

    033a76c8ab45385c1c81d6f17e027b16292b5ffca6801272a7f0686879d20af2621a1e8aec29c7f14ab894f35d24b37d77813cf159c5e7360abe8e3429c857a9

  • SSDEEP

    3072:+GIks//VPScleKR82KZoOyrmv21MAMvV6XUst1rCVU3yqtNOyEbh5WHZKsD4tkjb:/Iks/kcleui+/1R92UiqtNXUaZBgk6e

Score
8/10
aspackv2persistence

Malware Config

Targets

    • Target

      a038aac59192be4a1f73fa83e12396938fb932a0d82bc1bb48ea850e02e67431

    • Size

      265KB

    • MD5

      43ce4f94cd4cbd6f595167ad339c8e22

    • SHA1

      462b5fe8d9bc7f0f691272174ae2542ccbddb44e

    • SHA256

      a038aac59192be4a1f73fa83e12396938fb932a0d82bc1bb48ea850e02e67431

    • SHA512

      033a76c8ab45385c1c81d6f17e027b16292b5ffca6801272a7f0686879d20af2621a1e8aec29c7f14ab894f35d24b37d77813cf159c5e7360abe8e3429c857a9

    • SSDEEP

      3072:+GIks//VPScleKR82KZoOyrmv21MAMvV6XUst1rCVU3yqtNOyEbh5WHZKsD4tkjb:/Iks/kcleui+/1R92UiqtNXUaZBgk6e

    Score
    8/10
    aspackv2persistence

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks