a36a73ff0043a5348d263a6162d4a7ad2555bd21a2132b21f414562417d77a8e | Triage

Sharing

General

Target

a36a73ff0043a5348d263a6162d4a7ad2555bd21a2132b21f414562417d77a8e
Size

9.3MB
Sample

240612-femdas1ejr
MD5

fb577a5ad52537034837f812dc0788c2
SHA1

3881ecd1ee5bff926f6c3b6db57483dbd93a681b
SHA256

a36a73ff0043a5348d263a6162d4a7ad2555bd21a2132b21f414562417d77a8e
SHA512

d219e10903fc9a4d52710b3c9d0711c58135397fecc47ce7252574f42bdbd903a0dcb89ea43073aee760e5f1e429e2987d343878b48aade9f86edf73c5dcdcd4
SSDEEP

196608:8MD+cpvJ/4H3nmghWoa/fsysMF4JD85lckji6OScPrKOIuQbmafkfNciU7Iknt:8MFgXnU7sElcyfvcjPIuQbmagNGT

Score

9^/10

aspackv2 evasion

Malware Config

Targets

- Target
  
  a36a73ff0043a5348d263a6162d4a7ad2555bd21a2132b21f414562417d77a8e
- Size
  
  9.3MB
- MD5
  
  fb577a5ad52537034837f812dc0788c2
- SHA1
  
  3881ecd1ee5bff926f6c3b6db57483dbd93a681b
- SHA256
  
  a36a73ff0043a5348d263a6162d4a7ad2555bd21a2132b21f414562417d77a8e
- SHA512
  
  d219e10903fc9a4d52710b3c9d0711c58135397fecc47ce7252574f42bdbd903a0dcb89ea43073aee760e5f1e429e2987d343878b48aade9f86edf73c5dcdcd4
- SSDEEP
  
  196608:8MD+cpvJ/4H3nmghWoa/fsysMF4JD85lckji6OScPrKOIuQbmafkfNciU7Iknt:8MFgXnU7sElcyfvcjPIuQbmagNGT
Score

9^/10

aspackv2 evasion
- Looks for VirtualBox Guest Additions in registry
  evasion
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2evasion

behavioral2

aspackv2evasion