e7073af56c1315be6162a4ad0d2a0423406ec8075bb7bf75f695b2a1245cb13a | Triage

Sharing

General

Target

fb124f1fb7ecfbdbd3c3bb399eda010d_JaffaCakes118
Size

3.0MB
Sample

240419-yvkhraeh8v
MD5

fb124f1fb7ecfbdbd3c3bb399eda010d
SHA1

ea354f7700d6e5adb076b39c8f8f3c77f3610669
SHA256

e7073af56c1315be6162a4ad0d2a0423406ec8075bb7bf75f695b2a1245cb13a
SHA512

e4ece643c3640acd92aa0ff666e4b3fb2b0ff3e4ee0b45541629ddbeac12789f8dab1eb5676fb72b9f31536ae0db613edde92f60096e9cbad26723f67e0cfd4f
SSDEEP

49152:2VfRnICzX0ilq3diw7WwG9/3BAYe48Bp2vS53MXF+HqCIyASSu7/Rqwuu:2VfRnVzFA3df7WZPXevBwrQqCIr4Jnz

Score

7^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  fb124f1fb7ecfbdbd3c3bb399eda010d_JaffaCakes118
- Size
  
  3.0MB
- MD5
  
  fb124f1fb7ecfbdbd3c3bb399eda010d
- SHA1
  
  ea354f7700d6e5adb076b39c8f8f3c77f3610669
- SHA256
  
  e7073af56c1315be6162a4ad0d2a0423406ec8075bb7bf75f695b2a1245cb13a
- SHA512
  
  e4ece643c3640acd92aa0ff666e4b3fb2b0ff3e4ee0b45541629ddbeac12789f8dab1eb5676fb72b9f31536ae0db613edde92f60096e9cbad26723f67e0cfd4f
- SSDEEP
  
  49152:2VfRnICzX0ilq3diw7WwG9/3BAYe48Bp2vS53MXF+HqCIyASSu7/Rqwuu:2VfRnVzFA3df7WZPXevBwrQqCIr4Jnz
Score

7^/10

aspackv2 persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence