d871173a9649bab59add9bb554ad2dfd3f40119aaffead044540a9232359c8cc | Triage

Sharing

General

Target

033c9a85e47a5e4488031a49755f0d20_JC.exe
Size

633KB
Sample

231013-ca6plabh48
MD5

033c9a85e47a5e4488031a49755f0d20
SHA1

15ec56f362cfa95ba9db5acd592868357d656107
SHA256

d871173a9649bab59add9bb554ad2dfd3f40119aaffead044540a9232359c8cc
SHA512

9a2da28b689afbbbe1461418d48f2006ab60930c34b9400f941e32bf9076ce699819a92689f913475a37e14fc209f20dd948238f105150b25ac2748c60d4dd12
SSDEEP

1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW

Score

7^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  033c9a85e47a5e4488031a49755f0d20_JC.exe
- Size
  
  633KB
- MD5
  
  033c9a85e47a5e4488031a49755f0d20
- SHA1
  
  15ec56f362cfa95ba9db5acd592868357d656107
- SHA256
  
  d871173a9649bab59add9bb554ad2dfd3f40119aaffead044540a9232359c8cc
- SHA512
  
  9a2da28b689afbbbe1461418d48f2006ab60930c34b9400f941e32bf9076ce699819a92689f913475a37e14fc209f20dd948238f105150b25ac2748c60d4dd12
- SSDEEP
  
  1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW
Score

7^/10

aspackv2 persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence