ff64314d0776d185e1165dc69e30cd7005f258c2d0b84f564b0ff647010d6387 | Triage

Sharing

General

Target

3affd056e18139b66a16230838ded800exe_JC.exe
Size

596KB
Sample

231013-b4ebrshf21
MD5

3affd056e18139b66a16230838ded800
SHA1

4f5f33bfbc11ed209d1aa4ae6d0232076b4025ff
SHA256

ff64314d0776d185e1165dc69e30cd7005f258c2d0b84f564b0ff647010d6387
SHA512

e82e0857adc2aa25e511b712fcd4579bd3ecd0b7bab5cafcf0432767a93c82da1fac08542e1c004be6fa229c6f662eab9993e37a63f428f436314ad1f15a5b9b
SSDEEP

1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW

Score

7^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  3affd056e18139b66a16230838ded800exe_JC.exe
- Size
  
  596KB
- MD5
  
  3affd056e18139b66a16230838ded800
- SHA1
  
  4f5f33bfbc11ed209d1aa4ae6d0232076b4025ff
- SHA256
  
  ff64314d0776d185e1165dc69e30cd7005f258c2d0b84f564b0ff647010d6387
- SHA512
  
  e82e0857adc2aa25e511b712fcd4579bd3ecd0b7bab5cafcf0432767a93c82da1fac08542e1c004be6fa229c6f662eab9993e37a63f428f436314ad1f15a5b9b
- SSDEEP
  
  1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW
Score

7^/10

aspackv2 persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence