General

  • Target

    0cc956e3f4befedd16d3f49ae9a269ed

  • Size

    1.1MB

  • Sample

    231230-dwfkzadfc2

  • MD5

    0cc956e3f4befedd16d3f49ae9a269ed

  • SHA1

    a69268d42b52acee28051af2dc97397a1e42a980

  • SHA256

    0a5e820027608f1aa3a807cd0ffa3d9d8c20ee0caebded53cfe95137fa9164b0

  • SHA512

    21103d13232091f3a86984b32712e60b603aa63c9a2ac72bae6813f1be2ae1e2d7bdbfe6e83548ddff7941753f6281cb91a5410270834cb1f9e1c4b73bcee6e2

  • SSDEEP

    12288:zMMpXKb0hNGh1kG0HWNAuCsltHlYzU+Wg7:zMMpXS0hN0V0HDIHyow

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Renames multiple (91) files with added filename extension

      This suggests ransomware activity: the files on the system are being encrypted and renamed.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks