Overview

overview

7

Static

static

3

b4a192406d...43.exe

windows7-x64

7

b4a192406d...43.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b4a192406d884b883010ab750cf51a1abb39e1e499527c3336c1c29179cfa543

  • Size

    181KB

  • Sample

    230607-yh1zzafb69

  • MD5

    e4af76b8468bdda40759b9dba353158a

  • SHA1

    1be63fb5990422544cc5291c44ac3b244e03a33f

  • SHA256

    b4a192406d884b883010ab750cf51a1abb39e1e499527c3336c1c29179cfa543

  • SHA512

    d6bb952dec307c763d392312fc028728b77cce53d8bb96a8d7594ccc02bacf9bda39e4e1c2b574db7621a972bfa75747db33d4234ca424ff791581fc91859d73

  • SSDEEP

    3072:viFx+MrcRKO6ZWpY+38pa6XZNkPNfBACgg7gy0umoF8G:viFI7RKOj5gbXZNkO4gZVob

Score
7/10
aspackv2

Malware Config

Targets

    • Target

      b4a192406d884b883010ab750cf51a1abb39e1e499527c3336c1c29179cfa543

    • Size

      181KB

    • MD5

      e4af76b8468bdda40759b9dba353158a

    • SHA1

      1be63fb5990422544cc5291c44ac3b244e03a33f

    • SHA256

      b4a192406d884b883010ab750cf51a1abb39e1e499527c3336c1c29179cfa543

    • SHA512

      d6bb952dec307c763d392312fc028728b77cce53d8bb96a8d7594ccc02bacf9bda39e4e1c2b574db7621a972bfa75747db33d4234ca424ff791581fc91859d73

    • SSDEEP

      3072:viFx+MrcRKO6ZWpY+38pa6XZNkPNfBACgg7gy0umoF8G:viFI7RKOj5gbXZNkO4gZVob

    Score
    7/10
    aspackv2

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Remote System Discovery

1
T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks