a58b7bd1380f220770408e33f43bdac4ab0bfe336e101484100915bf0518e794

Resubmissions

30-07-2024 12:17

240730-pgdcvasfjf 10

30-07-2024 12:17

240730-pf9dwssfjb 7

30-07-2024 09:41

240730-lnrl9szhjf 10

Sharing

Copy URL

Twitter E-mail

General

Target

Chrome.exe
Size

4.6MB
Sample

240730-pf9dwssfjb
MD5

d64c8e67eaa9bb5b648f7aa4731c2924
SHA1

81d7eec4135a2cde0d29bf651eb3b8e1f4093a93
SHA256

a58b7bd1380f220770408e33f43bdac4ab0bfe336e101484100915bf0518e794
SHA512

1df2e7066fa804f992edb9f7e15256ab2348a0eb42068de9b987806b220e2ffc6736762fc9b4c37c6277738ca6983e8357d9b8aa6a63317d09a8fac6f54427d4
SSDEEP

98304:jDN3JGPpKZ9AaI7S2DLpKNbEoH6ErTQyQzPm1XUxIyiVni:jJ34UwF7S2DLpKNEoHj58PDxdii

Score

7^/10

Malware Config

Targets

- Target
  
  Chrome.exe
- Size
  
  4.6MB
- MD5
  
  d64c8e67eaa9bb5b648f7aa4731c2924
- SHA1
  
  81d7eec4135a2cde0d29bf651eb3b8e1f4093a93
- SHA256
  
  a58b7bd1380f220770408e33f43bdac4ab0bfe336e101484100915bf0518e794
- SHA512
  
  1df2e7066fa804f992edb9f7e15256ab2348a0eb42068de9b987806b220e2ffc6736762fc9b4c37c6277738ca6983e8357d9b8aa6a63317d09a8fac6f54427d4
- SSDEEP
  
  98304:jDN3JGPpKZ9AaI7S2DLpKNbEoH6ErTQyQzPm1XUxIyiVni:jJ34UwF7S2DLpKNEoHj58PDxdii
Score

7^/10

aspackv2 discovery evasion persistence trojan upx
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

ASPack v2.12-2.42

Checks computer location settings

Deletes itself

Executes dropped EXE

Loads dropped DLL

UPX packed file

Adds Run key to start application

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4