6ef6c7c718055b9e28dc1d549518f55f2abb782ee7678238c11954d774a0b401 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ef6c7c718055b9e28dc1d549518f55f2abb782ee7678238c11954d774a0b401
Size

30KB
Sample

221130-29mhfaha7s
MD5

9ac93e5ad2b0f037673c0367c48cfa22
SHA1

0ca00b74060aa2d5b9610d67168f880cdee55649
SHA256

6ef6c7c718055b9e28dc1d549518f55f2abb782ee7678238c11954d774a0b401
SHA512

d00f884df88ef1a650df00592ca741bb50e30dedaba60de45be5cc96f2067a24d4278f935b61a6e8ed361a48ea1ce79244c757d8842c8495f5d9ccc95bc8ddf6
SSDEEP

768:k7YR9km6AyOH0O/yCL3l91VG7wmmIVhvZD2xFdeV:5MWH5/f3fGkmRVhvZDC

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  6ef6c7c718055b9e28dc1d549518f55f2abb782ee7678238c11954d774a0b401
- Size
  
  30KB
- MD5
  
  9ac93e5ad2b0f037673c0367c48cfa22
- SHA1
  
  0ca00b74060aa2d5b9610d67168f880cdee55649
- SHA256
  
  6ef6c7c718055b9e28dc1d549518f55f2abb782ee7678238c11954d774a0b401
- SHA512
  
  d00f884df88ef1a650df00592ca741bb50e30dedaba60de45be5cc96f2067a24d4278f935b61a6e8ed361a48ea1ce79244c757d8842c8495f5d9ccc95bc8ddf6
- SSDEEP
  
  768:k7YR9km6AyOH0O/yCL3l91VG7wmmIVhvZD2xFdeV:5MWH5/f3fGkmRVhvZDC
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2