f84d3b3593b5f35de64fa48f4712783b93d332676e40b52953ae567dd4d82efa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40714ae423d776929aa5b86c50ddd187_JaffaCakes118
Size

1023KB
Sample

240713-gl43cs1apd
MD5

40714ae423d776929aa5b86c50ddd187
SHA1

241b9041adf631aa19cebc863b2f31d18920c5c2
SHA256

f84d3b3593b5f35de64fa48f4712783b93d332676e40b52953ae567dd4d82efa
SHA512

d2e6191e4e71c3810f4e6bb7d6b1602356fbbfe281cb94fb33a1797b8c84addbd8f7b19446a975752d89569eb0416364264a73339a3eec41bbe7adacdea7e669
SSDEEP

24576:ba/TQJ0GkpmsJq+IjLEt0GkpfpvfingjTMgq1v:OanMBTIXCnMVagT

Score

8^/10

aspackv2 evasion persistence privilege_escalation

Malware Config

Targets

- Target
  
  40714ae423d776929aa5b86c50ddd187_JaffaCakes118
- Size
  
  1023KB
- MD5
  
  40714ae423d776929aa5b86c50ddd187
- SHA1
  
  241b9041adf631aa19cebc863b2f31d18920c5c2
- SHA256
  
  f84d3b3593b5f35de64fa48f4712783b93d332676e40b52953ae567dd4d82efa
- SHA512
  
  d2e6191e4e71c3810f4e6bb7d6b1602356fbbfe281cb94fb33a1797b8c84addbd8f7b19446a975752d89569eb0416364264a73339a3eec41bbe7adacdea7e669
- SSDEEP
  
  24576:ba/TQJ0GkpmsJq+IjLEt0GkpfpvfingjTMgq1v:OanMBTIXCnMVagT
Score

8^/10

aspackv2 evasion persistence privilege_escalation
- Modifies Windows Firewall
  evasion
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2evasionpersistenceprivilege_escalation

behavioral2

aspackv2evasionpersistenceprivilege_escalation