bab2fc78d4f20f07cac3de276f988b607c76a8df73e9486dc7daad20f0aba1ed | Triage

Sharing

General

Target

fe013063eae916027dbb3708c2a8165c_JaffaCakes118
Size

35KB
Sample

240421-atq25sed61
MD5

fe013063eae916027dbb3708c2a8165c
SHA1

c8bae8204f6a78ba7cdabbc8ce57381eb2083f65
SHA256

bab2fc78d4f20f07cac3de276f988b607c76a8df73e9486dc7daad20f0aba1ed
SHA512

18091c6c68c406c197cc1882c1b0c11cc1168dcbcc1636a49158106fa6bb44321a48b8eec5f20dfaeb4696d741a3d7dac028fa5de2825c240d9a727421cfed50
SSDEEP

768:UORY/ya24o3/zjiKJ8x065RAyBSefFyMfpYPIUO5xvha5O:RRY/ya2v3/zjiKJ8x06/vBlUMfpYPIUu

Score

7^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  fe013063eae916027dbb3708c2a8165c_JaffaCakes118
- Size
  
  35KB
- MD5
  
  fe013063eae916027dbb3708c2a8165c
- SHA1
  
  c8bae8204f6a78ba7cdabbc8ce57381eb2083f65
- SHA256
  
  bab2fc78d4f20f07cac3de276f988b607c76a8df73e9486dc7daad20f0aba1ed
- SHA512
  
  18091c6c68c406c197cc1882c1b0c11cc1168dcbcc1636a49158106fa6bb44321a48b8eec5f20dfaeb4696d741a3d7dac028fa5de2825c240d9a727421cfed50
- SSDEEP
  
  768:UORY/ya24o3/zjiKJ8x065RAyBSefFyMfpYPIUO5xvha5O:RRY/ya2v3/zjiKJ8x06/vBlUMfpYPIUu
Score

7^/10

aspackv2 persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence