3ff71c4f7c7d80fa3c11b02ba67ab39c80074a3beca5a81d4114dd8b65624ac2 | Triage

Sharing

General

Target

017bfea92cd48f255ce0f90c507a2733_JaffaCakes118
Size

25KB
Sample

240620-a13phstelj
MD5

017bfea92cd48f255ce0f90c507a2733
SHA1

44c5d165776ac972c3a65ff9b4269c204b1e97c7
SHA256

3ff71c4f7c7d80fa3c11b02ba67ab39c80074a3beca5a81d4114dd8b65624ac2
SHA512

e28637f766a246399e16143df9e3531c6cea21127af8545b765632a4d680e8ef81b3639cf14df1792c0479631359a6e2f534be15a417bef1b7dd67598178c447
SSDEEP

384:4+CVgZ6r8zo4xnMbMsp/ut5y/E4DXyaOZAgAxzr6+e9Pfqbn15:4+SgZ6r8o4KhcwE4DXyaxKha55

Score

7^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  017bfea92cd48f255ce0f90c507a2733_JaffaCakes118
- Size
  
  25KB
- MD5
  
  017bfea92cd48f255ce0f90c507a2733
- SHA1
  
  44c5d165776ac972c3a65ff9b4269c204b1e97c7
- SHA256
  
  3ff71c4f7c7d80fa3c11b02ba67ab39c80074a3beca5a81d4114dd8b65624ac2
- SHA512
  
  e28637f766a246399e16143df9e3531c6cea21127af8545b765632a4d680e8ef81b3639cf14df1792c0479631359a6e2f534be15a417bef1b7dd67598178c447
- SSDEEP
  
  384:4+CVgZ6r8zo4xnMbMsp/ut5y/E4DXyaOZAgAxzr6+e9Pfqbn15:4+SgZ6r8o4KhcwE4DXyaxKha55
Score

7^/10

aspackv2 persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence