5d542b717edb20184adf5d24e78e325b21087212c4aff26028174c4b74d8dbc0 | Triage

Sharing

General

Target

79b4dba41f216ff4890ecd5d3529654e
Size

764KB
Sample

240127-jyfxeahghq
MD5

79b4dba41f216ff4890ecd5d3529654e
SHA1

a250d93abed7c4f7f459b1cb0f956aba13f691b6
SHA256

5d542b717edb20184adf5d24e78e325b21087212c4aff26028174c4b74d8dbc0
SHA512

f5bcc2fbb2db8c851648088f04dbc8f8b43fc69b71127a90036894a83c6da983a67519710a918475efedda76a95eef600abe9c39b1b2e08053b0ccdccc9e6e02
SSDEEP

12288:v1b6EruDubGuTYMwXyBUvh++IK0LiJQO7b7+RrDxtftG8Kv:v1b6WbvwskcKZQibSD30

Score

9^/10

aspackv2 evasion

Malware Config

Targets

- Target
  
  79b4dba41f216ff4890ecd5d3529654e
- Size
  
  764KB
- MD5
  
  79b4dba41f216ff4890ecd5d3529654e
- SHA1
  
  a250d93abed7c4f7f459b1cb0f956aba13f691b6
- SHA256
  
  5d542b717edb20184adf5d24e78e325b21087212c4aff26028174c4b74d8dbc0
- SHA512
  
  f5bcc2fbb2db8c851648088f04dbc8f8b43fc69b71127a90036894a83c6da983a67519710a918475efedda76a95eef600abe9c39b1b2e08053b0ccdccc9e6e02
- SSDEEP
  
  12288:v1b6EruDubGuTYMwXyBUvh++IK0LiJQO7b7+RrDxtftG8Kv:v1b6WbvwskcKZQibSD30
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2