Overview

overview

8

Static

static

1

.html

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    .

  • Size

    147KB

  • Sample

    240420-xcyf8afe5v

  • MD5

    58ad053e7ef750e9972ca2eb69da9b03

  • SHA1

    05fd28c756ae5db842e87b2d99db826974fdcbad

  • SHA256

    fa7643a630d4147161d19fd5322c9298a26c2df76d355f7e2536cded87162855

  • SHA512

    14a092d0f84349d31a5407ac1f20930dfdb29193d47a83170336888fbdc83ec1a060285683d8f190a6fee987685c79b9c18321a51ddcda4437a2c752ba6b9bee

  • SSDEEP

    1536:ogkud8LonVJoqYarK4DsYNgRyypRMPuNPV5nPztP4FPfaParP8R4DJ2PWTllU0r4:HkPL6WVMllhAYnHhqiS

Score
8/10
aspackv2evasion

Malware Config

Targets

    • Target

      .

    • Size

      147KB

    • MD5

      58ad053e7ef750e9972ca2eb69da9b03

    • SHA1

      05fd28c756ae5db842e87b2d99db826974fdcbad

    • SHA256

      fa7643a630d4147161d19fd5322c9298a26c2df76d355f7e2536cded87162855

    • SHA512

      14a092d0f84349d31a5407ac1f20930dfdb29193d47a83170336888fbdc83ec1a060285683d8f190a6fee987685c79b9c18321a51ddcda4437a2c752ba6b9bee

    • SSDEEP

      1536:ogkud8LonVJoqYarK4DsYNgRyypRMPuNPV5nPztP4FPfaParP8R4DJ2PWTllU0r4:HkPL6WVMllhAYnHhqiS

    Score
    8/10
    aspackv2evasion

    • Disables Task Manager via registry modification

      evasion

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks