f014ec0b0093bdf1f0efab61924a395f157439c4349baf3221e5669649921dba | Triage

Sharing

General

Target

f014ec0b0093bdf1f0efab61924a395f157439c4349baf3221e5669649921dba
Size

852KB
Sample

221204-r32nnscg4z
MD5

aef5cf5d379fa5bc10d067ec809f706c
SHA1

307deb40ed93f3d72bdc0e49bf464780eb340522
SHA256

f014ec0b0093bdf1f0efab61924a395f157439c4349baf3221e5669649921dba
SHA512

cce8aae3d90649fd3a17e73fa545cfff01b0967b5bf2d52b5a2fa1f8ae7d4f873e2a9284b091f212d7c49ea06acd107922d61c1ce53cb4c141c6c1ac9b964644
SSDEEP

12288:8ECWV7qqVjZL1SDitwWBi8C+lPY2M2GAu1mt0LDwrepD:8eV7LXL1S+Syc+lPY2M84p

Score

8^/10

aspackv2 persistence spyware stealer

Malware Config

Targets

- Target
  
  f014ec0b0093bdf1f0efab61924a395f157439c4349baf3221e5669649921dba
- Size
  
  852KB
- MD5
  
  aef5cf5d379fa5bc10d067ec809f706c
- SHA1
  
  307deb40ed93f3d72bdc0e49bf464780eb340522
- SHA256
  
  f014ec0b0093bdf1f0efab61924a395f157439c4349baf3221e5669649921dba
- SHA512
  
  cce8aae3d90649fd3a17e73fa545cfff01b0967b5bf2d52b5a2fa1f8ae7d4f873e2a9284b091f212d7c49ea06acd107922d61c1ce53cb4c141c6c1ac9b964644
- SSDEEP
  
  12288:8ECWV7qqVjZL1SDitwWBi8C+lPY2M2GAu1mt0LDwrepD:8eV7LXL1S+Syc+lPY2M84p
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Replication Through Removable Media

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2