6d6abd6f968919e33ebca5056b28f249a2661e2bae0d41cd46f59ae65425f216 | Triage

Sharing

General

Target

6d6abd6f968919e33ebca5056b28f249a2661e2bae0d41cd46f59ae65425f216
Size

12.2MB
Sample

240529-b29pwsdb91
MD5

154fad917aa6598fc2722891b5f6bf94
SHA1

90d056782743aad79b33b0db3f6679597594b8d6
SHA256

6d6abd6f968919e33ebca5056b28f249a2661e2bae0d41cd46f59ae65425f216
SHA512

bb35d218dfcbeccc18334d5194a009e0eaede175368bbc3a509a293384101de53c2b69f6dc0c376426fab85d29d473a2c75e3c0f3278642227beddfbe77b5c4d
SSDEEP

196608:NZzrENt07+s5HLFekwdeyLXdIyzdMOMD+cpvJ/4H3nmghWoa/fsysMF4JD85loku:NZVzFdyvzdzMFgXnU7sEloy

Score

9^/10

aspackv2 evasion

Malware Config

Targets

- Target
  
  6d6abd6f968919e33ebca5056b28f249a2661e2bae0d41cd46f59ae65425f216
- Size
  
  12.2MB
- MD5
  
  154fad917aa6598fc2722891b5f6bf94
- SHA1
  
  90d056782743aad79b33b0db3f6679597594b8d6
- SHA256
  
  6d6abd6f968919e33ebca5056b28f249a2661e2bae0d41cd46f59ae65425f216
- SHA512
  
  bb35d218dfcbeccc18334d5194a009e0eaede175368bbc3a509a293384101de53c2b69f6dc0c376426fab85d29d473a2c75e3c0f3278642227beddfbe77b5c4d
- SSDEEP
  
  196608:NZzrENt07+s5HLFekwdeyLXdIyzdMOMD+cpvJ/4H3nmghWoa/fsysMF4JD85loku:NZVzFdyvzdzMFgXnU7sEloy
Score

9^/10

aspackv2 evasion
- Looks for VirtualBox Guest Additions in registry
  evasion
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2evasion

behavioral2