5bd73b69cfbe867d75e0a5d67dad233aa53dc74fc203a3820e354df990fa866a | Triage

Sharing

General

Target

fb1bdbc51ff600dceb46922de61f78e3_JaffaCakes118
Size

3.0MB
Sample

240419-y94vyafe5y
MD5

fb1bdbc51ff600dceb46922de61f78e3
SHA1

a7e70d40e0384b4701eae530f640c7064eb9e5e5
SHA256

5bd73b69cfbe867d75e0a5d67dad233aa53dc74fc203a3820e354df990fa866a
SHA512

94947d0168e9e28cea602faac0cf972029fec3142c9903656e22633e95ff49d78cf055f6662841abf385197c52ad51a26072b40fb0f1c9fef2955ed83624ce9b
SSDEEP

98304:Gso0GTcyrd9zqyYeqvI2pjc0fgXA7SkI+k9Wmf:xmTcs9zfuvIojc0fgQ7O+Qx

Score

10^/10

aspackv2 evasion persistence trojan

Malware Config

Targets

- Target
  
  fb1bdbc51ff600dceb46922de61f78e3_JaffaCakes118
- Size
  
  3.0MB
- MD5
  
  fb1bdbc51ff600dceb46922de61f78e3
- SHA1
  
  a7e70d40e0384b4701eae530f640c7064eb9e5e5
- SHA256
  
  5bd73b69cfbe867d75e0a5d67dad233aa53dc74fc203a3820e354df990fa866a
- SHA512
  
  94947d0168e9e28cea602faac0cf972029fec3142c9903656e22633e95ff49d78cf055f6662841abf385197c52ad51a26072b40fb0f1c9fef2955ed83624ce9b
- SSDEEP
  
  98304:Gso0GTcyrd9zqyYeqvI2pjc0fgXA7SkI+k9Wmf:xmTcs9zfuvIojc0fgQ7O+Qx
Score

10^/10

aspackv2 evasion persistence trojan
- UAC bypass
  evasion trojan
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

aspackv2evasionpersistencetrojan

behavioral2

aspackv2persistence