077c35152c33c53a236cca7814da44ac5efd8e5227c02a2126b1b4d77c439808 | Triage

Sharing

General

Target

05276fec4d22dcdf33b18ca59fcbcc2b_JaffaCakes118
Size

229KB
Sample

240728-b4rxvstgne
MD5

05276fec4d22dcdf33b18ca59fcbcc2b
SHA1

81f09ddd31ca6d3bff7eeec1d67f55e407e1a9b5
SHA256

077c35152c33c53a236cca7814da44ac5efd8e5227c02a2126b1b4d77c439808
SHA512

eda72239d3563d5bce76d0fe99f99c29ce63b1cd2e9b9d1774095bea2a3ea3d5bd1996eb825ac08ede68aa2b96f8c8d02980a61c1e1bb95e4dacdfcf3ba05e3c
SSDEEP

3072:U6jI9XJy7rww9WaHHD/n6ppaWiFZIPmhOF0HFZqTTeTTTfqTTTJTTTTTnTTTTTTZ:XUZy0qzn76ppggmhOF0HFZlxU

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  05276fec4d22dcdf33b18ca59fcbcc2b_JaffaCakes118
- Size
  
  229KB
- MD5
  
  05276fec4d22dcdf33b18ca59fcbcc2b
- SHA1
  
  81f09ddd31ca6d3bff7eeec1d67f55e407e1a9b5
- SHA256
  
  077c35152c33c53a236cca7814da44ac5efd8e5227c02a2126b1b4d77c439808
- SHA512
  
  eda72239d3563d5bce76d0fe99f99c29ce63b1cd2e9b9d1774095bea2a3ea3d5bd1996eb825ac08ede68aa2b96f8c8d02980a61c1e1bb95e4dacdfcf3ba05e3c
- SSDEEP
  
  3072:U6jI9XJy7rww9WaHHD/n6ppaWiFZIPmhOF0HFZqTTeTTTfqTTTJTTTTTnTTTTTTZ:XUZy0qzn76ppggmhOF0HFZlxU
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence