71057fe415ea84d60d3726f76bd0b8c6cf9e3d3c497ff4c4430bb00e9e2d7564 | Triage

Sharing

General

Target

fb27c3bda77b88cb1d9cc1a21eb002ef_JaffaCakes118
Size

137KB
Sample

240419-zslhpsfd67
MD5

fb27c3bda77b88cb1d9cc1a21eb002ef
SHA1

a8492ccfdf087f395dc181fb1a5a97467a7623a5
SHA256

71057fe415ea84d60d3726f76bd0b8c6cf9e3d3c497ff4c4430bb00e9e2d7564
SHA512

38267a7134fd185bb3e98cb8023d170ffa61809fa79a1a59b72ea60604fb8072d9cdb6064ec62d9c3574393b372f2acaea9ce8c7eec2710b5b64459539b7dfef
SSDEEP

3072:vxMbSP2gXggMDtbpzn+DlsMSh6Do4fgPqaht7UA+ZSrLP2o:vCbS+QU1zn+DlsXh6kpPqaDUd0/P2

Score

7^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  fb27c3bda77b88cb1d9cc1a21eb002ef_JaffaCakes118
- Size
  
  137KB
- MD5
  
  fb27c3bda77b88cb1d9cc1a21eb002ef
- SHA1
  
  a8492ccfdf087f395dc181fb1a5a97467a7623a5
- SHA256
  
  71057fe415ea84d60d3726f76bd0b8c6cf9e3d3c497ff4c4430bb00e9e2d7564
- SHA512
  
  38267a7134fd185bb3e98cb8023d170ffa61809fa79a1a59b72ea60604fb8072d9cdb6064ec62d9c3574393b372f2acaea9ce8c7eec2710b5b64459539b7dfef
- SSDEEP
  
  3072:vxMbSP2gXggMDtbpzn+DlsMSh6Do4fgPqaht7UA+ZSrLP2o:vCbS+QU1zn+DlsXh6kpPqaDUd0/P2
Score

7^/10

persistence aspackv2
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

aspackv2persistence