47769a82ac9994bf50fdb7ff521d2364775afea3da02d55450448a25e6f94645

General

Target

06491799.exe
Size

770KB
Sample

230610-kvklvsfc21
MD5

8cd7c19b6dc76c116cdb84e369fd5d9a
SHA1

5e3ecd3e4ef8adc294db1e3525cdbde46b2b7ddc
SHA256

47769a82ac9994bf50fdb7ff521d2364775afea3da02d55450448a25e6f94645
SHA512

909d0a2ec4af33c374d7453926e5999badd2f9fa79d0648a7308f63911f673ae34ec275917999199e9fb3a669af5c4aa460e7639c5e346f261decd28b520039a
SSDEEP

24576:ePPNsFNARXFh0Gy9Gtgt09HlncQXZlFeI5D7Cj+o:RNkltHXXZlFeiHab

Score

7^/10

Malware Config

Targets

- Target
  
  06491799.exe
- Size
  
  770KB
- MD5
  
  8cd7c19b6dc76c116cdb84e369fd5d9a
- SHA1
  
  5e3ecd3e4ef8adc294db1e3525cdbde46b2b7ddc
- SHA256
  
  47769a82ac9994bf50fdb7ff521d2364775afea3da02d55450448a25e6f94645
- SHA512
  
  909d0a2ec4af33c374d7453926e5999badd2f9fa79d0648a7308f63911f673ae34ec275917999199e9fb3a669af5c4aa460e7639c5e346f261decd28b520039a
- SSDEEP
  
  24576:ePPNsFNARXFh0Gy9Gtgt09HlncQXZlFeI5D7Cj+o:RNkltHXXZlFeiHab
Score

7^/10

aspackv2 persistence upx discovery evasion trojan
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

2

T1112

Credential Access

Discovery

Query Registry

5

T1012

System Information Discovery

6

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

ASPack v2.12-2.42

Checks BIOS information in registry

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

UPX packed file

Adds Run key to start application

Checks installed software on the system

Checks whether UAC is enabled

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2