10faad0020336253156d634fe62ffd55784e00c54e6c5befd703d03e8cc15ef5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2ebacdddafa21d01fb61c11a91c0c30N.exe
Size

137KB
Sample

240716-lzl6xszbre
MD5

a2ebacdddafa21d01fb61c11a91c0c30
SHA1

9d57997fa6e6090f3615e5be896bde420220db18
SHA256

10faad0020336253156d634fe62ffd55784e00c54e6c5befd703d03e8cc15ef5
SHA512

630c16986e7fc542613bc42311036729fa832b32d397ef286fae6415266bc14361216ba0ef80471e6c78673990daa4dd166f61bd74c3f6ae5a126ef5b69f3482
SSDEEP

3072:AE9ByF5wP7Ht99mbaa+vKAzWvSVJSwpi6Ds9z:7907wTr9mea+i6WKQJ

Score

8^/10

aspackv2 persistence privilege_escalation

Malware Config

Targets

- Target
  
  a2ebacdddafa21d01fb61c11a91c0c30N.exe
- Size
  
  137KB
- MD5
  
  a2ebacdddafa21d01fb61c11a91c0c30
- SHA1
  
  9d57997fa6e6090f3615e5be896bde420220db18
- SHA256
  
  10faad0020336253156d634fe62ffd55784e00c54e6c5befd703d03e8cc15ef5
- SHA512
  
  630c16986e7fc542613bc42311036729fa832b32d397ef286fae6415266bc14361216ba0ef80471e6c78673990daa4dd166f61bd74c3f6ae5a126ef5b69f3482
- SSDEEP
  
  3072:AE9ByF5wP7Ht99mbaa+vKAzWvSVJSwpi6Ds9z:7907wTr9mea+i6WKQJ
Score

8^/10

aspackv2 persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2persistenceprivilege_escalation

behavioral2

aspackv2persistenceprivilege_escalation