General

  • Target

    db607ccab1f0da4f594402d9f1daec1db23e08516b696eb928f033606541aab9

  • Size

    199KB

  • Sample

    221129-jzvryseb3z

  • MD5

    880e73005f5fdc84c217a5d0e21fa590

  • SHA1

    c706da711e63601f1707ac2c462630aec299b4df

  • SHA256

    db607ccab1f0da4f594402d9f1daec1db23e08516b696eb928f033606541aab9

  • SHA512

    876bf204fe376d6cb96860ff9aa3377cb0b199da87a2515a3e601e7deb9c1321eaab383a11f4f0bdf6e1921727a598423846471671cabd32a49b45122300465b

  • SSDEEP

    6144:riMmXRH6pXfSb0ceR/VFAHh1kgcs0HW1kyAp6:ZMMpXKb0hNGh1kG0HWnA0

Score
10/10

Targets

    • Modifies WinLogon for persistence

      Writes to the Winlogon registry key (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon), whose Shell and Userinit values are executed at every user logon; adding an extra executable there is a common way to have a payload relaunched with each session.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
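
    Two of the behaviours listed above, the dropped autorun.inf and the Winlogon change, are cheap to verify on a host or in an artifact dump. The Python helpers below are an added example, not part of the sandbox report or of the sample: they parse an autorun.inf and list what it would launch, and compare the Winlogon Shell/Userinit values against their well-known defaults. The autorun.inf text and the registry values used for the demonstration are constructed, not recovered from this sample.

```python
"""Triage helpers for two behaviours listed above, a dropped autorun.inf and a
modified Winlogon key. Added example, not part of the sandbox report; all sample
data below is constructed, not recovered from this sample."""
import configparser
import ntpath
from typing import Dict, List

# Winlogon values that are comma-separated launch lists and the basenames
# they should contain on a clean host. The key lives at
# HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.
WINLOGON_EXPECTED = {
    "shell": {"explorer.exe"},
    "userinit": {"userinit.exe"},
}


def parse_autorun_inf(text: str) -> Dict[str, str]:
    """Return the [autorun] section as a dict with lowercase keys.

    Section and key names are matched case-insensitively, as Windows does;
    junk lines and duplicate keys (common in worm-written files) are tolerated.
    """
    cp = configparser.ConfigParser(
        interpolation=None, strict=False, allow_no_value=True, delimiters=("=",)
    )
    try:
        cp.read_string(text)
    except configparser.Error:
        return {}
    section = next((s for s in cp.sections() if s.lower() == "autorun"), None)
    if section is None:
        return {}
    return {k.lower(): (v or "").strip() for k, v in cp.items(section)}


def autorun_launch_targets(entries: Dict[str, str]) -> List[str]:
    """Paths an autorun.inf would execute: open=, shellexecute= and any
    shell\\<verb>\\command= entry. A bare shell= only selects the default verb."""
    targets = []
    for key, value in entries.items():
        launches = key in ("open", "shellexecute") or (
            key.startswith("shell\\") and key.endswith("\\command")
        )
        if launches and value:
            targets.append(value)
    return targets


def winlogon_deviations(values: Dict[str, str]) -> Dict[str, List[str]]:
    """Entries in Shell / Userinit whose basename is not the expected default.

    `values` maps value name to REG_SZ data as read from the Winlogon key
    (e.g. via `reg query`). Appending ",C:\\path\\dropped.exe" to Userinit is
    the usual persistence trick, so every comma-separated element is checked.
    """
    lowered = {name.lower(): data for name, data in values.items()}
    deviations: Dict[str, List[str]] = {}
    for name, allowed in WINLOGON_EXPECTED.items():
        for element in (lowered.get(name) or "").split(","):
            element = element.strip().strip('"')
            if element and ntpath.basename(element).lower() not in allowed:
                deviations.setdefault(name, []).append(element)
    return deviations


# Constructed inputs for the demonstration (not artifacts of this sample).
SAMPLE_AUTORUN = """; constructed example
[AutoRun]
open=RECYCLER\\update.exe
icon=%SystemRoot%\\system32\\SHELL32.dll,4
shell\\open=Open
shell\\open\\command=RECYCLER\\update.exe
shell\\explore\\command=RECYCLER\\update.exe
"""

SAMPLE_WINLOGON = {
    "Shell": "explorer.exe",
    "Userinit": "C:\\Windows\\system32\\userinit.exe,C:\\Windows\\system32\\dropped.exe",
}


def triage(autorun_text: str, winlogon_values: Dict[str, str]) -> Dict[str, object]:
    """Combine both checks into one verdict dict."""
    launches = autorun_launch_targets(parse_autorun_inf(autorun_text))
    winlogon = winlogon_deviations(winlogon_values)
    return {
        "autorun_launches": sorted(set(launches)),
        "winlogon_deviations": winlogon,
        "suspicious": bool(launches or winlogon),
    }


if __name__ == "__main__":
    for k, v in triage(SAMPLE_AUTORUN, SAMPLE_WINLOGON).items():
        print(f"{k}: {v}")
```

    On a live host the Winlogon values come from `reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"`, and the autorun.inf to parse is the one the sandbox reports as dropped on each drive root; an autorun.inf on removable media that launches anything at all is the spread vector the signature refers to, so the check deliberately does not try to distinguish "benign" launch targets.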

MITRE ATT&CK Enterprise v6
