General

  • Target

    17820a3f5b449a18367048096f35e07e

  • Size

    187KB

  • Sample

    231225-mlyhgagah4

  • MD5

    17820a3f5b449a18367048096f35e07e

  • SHA1

    ac1b5befc490f4ebaa0276e17f18918d002892a3

  • SHA256

    94421be3f113142c7f2703720069fbe8cbf24bca5d415255ec732a7963ec37b0

  • SHA512

    578a2e3048d2cbc8fd4d1b1f0e8542418ef6ba920380690a4311ca9978c662d2897a41d2c36ac6669d9b26520e15eac17f3517f7cdfa781954074afb32b7cd3c

  • SSDEEP

    3072:GYpYkfmmuJDJMCrUEk0WLLBjMw26RVTk3V2r65W2/YRPHAp7nvSozjFur:G4YSjuoCrfs2EW3Mr61aHAhnvDR

Score
8/10

Malware Config

Targets

    • Modifies Installed Components in the registry

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Adds Run key to start application
