c76a2b2c274c4a6f52687a7d80ef1c9dd61bfc0b5613160182f203f4c03dac31 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c76a2b2c274c4a6f52687a7d80ef1c9dd61bfc0b5613160182f203f4c03dac31
Size

34KB
Sample

221205-t128jafh93
MD5

3acfcb56aa4b3c4aa10ded3403465479
SHA1

907c351f3cec9279cbd57a8b8c151c149e9e32b6
SHA256

c76a2b2c274c4a6f52687a7d80ef1c9dd61bfc0b5613160182f203f4c03dac31
SHA512

616fa485c668c9789e1ad51392b2ea13990d5e1c78d9c27e02653f2e9d2ad58d86a1fbb70e3f05abf31ae6e28de236cc42cc5e1ecb37a2c0a540b025cbb4df7e
SSDEEP

768:ridu14eob3h+LmSZ7xOha5k1wrK/FYIvOdRngssruMKMZMxuha5:reu1MV+LmSZQ1wrKFY/dRngssrrKM3

Score

8^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  c76a2b2c274c4a6f52687a7d80ef1c9dd61bfc0b5613160182f203f4c03dac31
- Size
  
  34KB
- MD5
  
  3acfcb56aa4b3c4aa10ded3403465479
- SHA1
  
  907c351f3cec9279cbd57a8b8c151c149e9e32b6
- SHA256
  
  c76a2b2c274c4a6f52687a7d80ef1c9dd61bfc0b5613160182f203f4c03dac31
- SHA512
  
  616fa485c668c9789e1ad51392b2ea13990d5e1c78d9c27e02653f2e9d2ad58d86a1fbb70e3f05abf31ae6e28de236cc42cc5e1ecb37a2c0a540b025cbb4df7e
- SSDEEP
  
  768:ridu14eob3h+LmSZ7xOha5k1wrK/FYIvOdRngssruMKMZMxuha5:reu1MV+LmSZQ1wrKFY/dRngssrrKM3
Score

8^/10

aspackv2 persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

aspackv2persistence