34092a00c01e1eea8a4c2ef603309bee75222e91fdc12aead3fbef2318214318 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54172b7eb7cf8275ddffc379826e1b50
Size

523KB
Sample

231226-e28z5sehc8
MD5

54172b7eb7cf8275ddffc379826e1b50
SHA1

3d1c9476085b1731a0896c236d19c5c08ccec1a9
SHA256

34092a00c01e1eea8a4c2ef603309bee75222e91fdc12aead3fbef2318214318
SHA512

2b7a2bb1c5877846a146e14ff49c18ae14cce1a24c00feed0c044d04f90802003e5465287296eaffedb1201d977bc75bf7aa4278d1ba3338e6e72afcb8b10cca
SSDEEP

12288:+0pNPLw70YxBxhuwxXENM4+1Scxaa2UUDAqqFqqFqqJJ:Bp91Y/HEO/1SqZUsqMqMqs

Score

9^/10

aspackv2 evasion

Malware Config

Targets

- Target
  
  54172b7eb7cf8275ddffc379826e1b50
- Size
  
  523KB
- MD5
  
  54172b7eb7cf8275ddffc379826e1b50
- SHA1
  
  3d1c9476085b1731a0896c236d19c5c08ccec1a9
- SHA256
  
  34092a00c01e1eea8a4c2ef603309bee75222e91fdc12aead3fbef2318214318
- SHA512
  
  2b7a2bb1c5877846a146e14ff49c18ae14cce1a24c00feed0c044d04f90802003e5465287296eaffedb1201d977bc75bf7aa4278d1ba3338e6e72afcb8b10cca
- SSDEEP
  
  12288:+0pNPLw70YxBxhuwxXENM4+1Scxaa2UUDAqqFqqFqqJJ:Bp91Y/HEO/1SqZUsqMqMqs
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2