Overview

overview

7

Static

static

3

09aa63833d...8b.exe

windows7-x64

7

09aa63833d...8b.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    09aa63833de2e821a439fa990b2f6654528820fa80847d4d1e6993b2951b308b

  • Size

    188KB

  • Sample

    240521-xzvzlsff7z

  • MD5

    a2dc35967f1bf9fa2d5cce36c9c75097

  • SHA1

    294d883c6c95c3021810031d0a4f72fe2ca2d7f5

  • SHA256

    09aa63833de2e821a439fa990b2f6654528820fa80847d4d1e6993b2951b308b

  • SHA512

    f05922f9ee84dead9ce3335114774e9dc5f065566547d2b9403d43f7fb95ba85f08bca918a1a9a0a2977a533e9f1fcc39214cc7a9c2df72dfc3ce134325cec90

  • SSDEEP

    3072:JFg1IB4T8Kzqw69Qdh9muTJBk1TpaQpAaF6ynXOAg0Fuj0YTjCU2dyGCH:JayBqLqbYh9D2rdpAjAOn/L2dT

Score
7/10
aspackv2

Malware Config

Targets

    • Target

      09aa63833de2e821a439fa990b2f6654528820fa80847d4d1e6993b2951b308b

    • Size

      188KB

    • MD5

      a2dc35967f1bf9fa2d5cce36c9c75097

    • SHA1

      294d883c6c95c3021810031d0a4f72fe2ca2d7f5

    • SHA256

      09aa63833de2e821a439fa990b2f6654528820fa80847d4d1e6993b2951b308b

    • SHA512

      f05922f9ee84dead9ce3335114774e9dc5f065566547d2b9403d43f7fb95ba85f08bca918a1a9a0a2977a533e9f1fcc39214cc7a9c2df72dfc3ce134325cec90

    • SSDEEP

      3072:JFg1IB4T8Kzqw69Qdh9muTJBk1TpaQpAaF6ynXOAg0Fuj0YTjCU2dyGCH:JayBqLqbYh9D2rdpAjAOn/L2dT

    Score
    7/10
    aspackv2

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks