76d242e559d5ef6b51004d35e76d1d6bce502aa50e859cafde00076d5bfebb07 | Triage

Sharing

General

Target

76d242e559d5ef6b51004d35e76d1d6bce502aa50e859cafde00076d5bfebb07
Size

890KB
Sample

221129-jewhracd3y
MD5

99fbc6e2d7e05810c575cc43fe6803ee
SHA1

4900aed2638acab53552793433932af0e5cac202
SHA256

76d242e559d5ef6b51004d35e76d1d6bce502aa50e859cafde00076d5bfebb07
SHA512

a28f7fafade82f4a4d178f7dbaacb12d12fc6e8d906eabb98c53d79e84d734fa8b996b7d434f7a9d9727050a28f03330154bd017f92b5088d7b66524a93bfeba
SSDEEP

24576:IOA+2afwizcKizkNriOXCW0q1I177rWozSTojL:IrR/iz9iOXsVVPBuc

Score

9^/10

aspackv2 evasion persistence

Malware Config

Targets

- Target
  
  76d242e559d5ef6b51004d35e76d1d6bce502aa50e859cafde00076d5bfebb07
- Size
  
  890KB
- MD5
  
  99fbc6e2d7e05810c575cc43fe6803ee
- SHA1
  
  4900aed2638acab53552793433932af0e5cac202
- SHA256
  
  76d242e559d5ef6b51004d35e76d1d6bce502aa50e859cafde00076d5bfebb07
- SHA512
  
  a28f7fafade82f4a4d178f7dbaacb12d12fc6e8d906eabb98c53d79e84d734fa8b996b7d434f7a9d9727050a28f03330154bd017f92b5088d7b66524a93bfeba
- SSDEEP
  
  24576:IOA+2afwizcKizkNriOXCW0q1I177rWozSTojL:IrR/iz9iOXsVVPBuc
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Modify Registry

Credential Access

Discovery

Software Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence