6e98fd609bdf71a89964c841c3df65c9a2be50cce687cad1b8a091941f6b5240 | Triage

Sharing

General

Target

7729d69e94bc2f4e4ea30eff291f81d0N.exe
Size

138KB
Sample

240723-gxexls1dme
MD5

7729d69e94bc2f4e4ea30eff291f81d0
SHA1

a4695aa930a84468909256f8d48720abd8e248ff
SHA256

6e98fd609bdf71a89964c841c3df65c9a2be50cce687cad1b8a091941f6b5240
SHA512

3dc8a9e44ade3f6cbdcc69cc48d4179018e7d321a3985d44bc8451deb98de5af981d88ad5a5c176d4b35527d8519793c11c8288a628f7aa0361dda06dabd6303
SSDEEP

3072:AE9ByF5wP7Ht99mbaa+vKAzWvSVJSwpi6Ds9R:7907wTr9mea+i6WKQH

Score

8^/10

aspackv2 persistence privilege_escalation

Malware Config

Targets

- Target
  
  7729d69e94bc2f4e4ea30eff291f81d0N.exe
- Size
  
  138KB
- MD5
  
  7729d69e94bc2f4e4ea30eff291f81d0
- SHA1
  
  a4695aa930a84468909256f8d48720abd8e248ff
- SHA256
  
  6e98fd609bdf71a89964c841c3df65c9a2be50cce687cad1b8a091941f6b5240
- SHA512
  
  3dc8a9e44ade3f6cbdcc69cc48d4179018e7d321a3985d44bc8451deb98de5af981d88ad5a5c176d4b35527d8519793c11c8288a628f7aa0361dda06dabd6303
- SSDEEP
  
  3072:AE9ByF5wP7Ht99mbaa+vKAzWvSVJSwpi6Ds9R:7907wTr9mea+i6WKQH
Score

8^/10

aspackv2 persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2persistenceprivilege_escalation

behavioral2

aspackv2persistenceprivilege_escalation