0d266a13cbce177d41a44cfa8ed11cd7208765dad00b3e063147356aefb79ddf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32465ff1ab97fba1a46b64946c0044a4_JaffaCakes118
Size

20KB
Sample

240709-2m2c3ssblf
MD5

32465ff1ab97fba1a46b64946c0044a4
SHA1

353d41ebbbe80ce3fff2d8166808839d22d4c501
SHA256

0d266a13cbce177d41a44cfa8ed11cd7208765dad00b3e063147356aefb79ddf
SHA512

b6f0969998c997ae264a16c506b142de92ba59f7ae3119a634b88c3152fdeb6921353888d5c669b1548cc634c4009387d17ec30c49e677463e8e16c485055419
SSDEEP

384:y03rgbPpKqIn7Y3AwlYY3YzlAxfr6+e9Pfqbn114:y0bYpKq4twlL3YaxOha51

Score

7^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  32465ff1ab97fba1a46b64946c0044a4_JaffaCakes118
- Size
  
  20KB
- MD5
  
  32465ff1ab97fba1a46b64946c0044a4
- SHA1
  
  353d41ebbbe80ce3fff2d8166808839d22d4c501
- SHA256
  
  0d266a13cbce177d41a44cfa8ed11cd7208765dad00b3e063147356aefb79ddf
- SHA512
  
  b6f0969998c997ae264a16c506b142de92ba59f7ae3119a634b88c3152fdeb6921353888d5c669b1548cc634c4009387d17ec30c49e677463e8e16c485055419
- SSDEEP
  
  384:y03rgbPpKqIn7Y3AwlYY3YzlAxfr6+e9Pfqbn114:y0bYpKq4twlL3YaxOha51
Score

7^/10

aspackv2 persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2persistence

behavioral2

aspackv2persistence