59983413c614b2bbf93f6e01c5758e17095209f0d9c5f6340f6e9a9fc1799023 | Triage

Sharing

General

Target

88471ec7e2d9e43a90ef456630751a32_JaffaCakes118
Size

894KB
Sample

240811-aq2dpswcjn
MD5

88471ec7e2d9e43a90ef456630751a32
SHA1

9b633570d70fe0f5879e24732117f9122a8059f3
SHA256

59983413c614b2bbf93f6e01c5758e17095209f0d9c5f6340f6e9a9fc1799023
SHA512

6c18196e5f3f97b0ee779c7ee6fece84107d4f8da652d1c23c8b351a557c2ef960c61fc82b9b518fd856ad3cc567f6fe3aed95d67eeee70bc7198bd6b0139d6e
SSDEEP

24576:WPxM8X0XbYRyjtehSHFgZQR5DJmskfthGS8V0kfK/nTQRI9cYQeD2wKpuvEp3U5:GxRkXsRiQhcFgZQqXGSE3fK/bf2wKp/J

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  88471ec7e2d9e43a90ef456630751a32_JaffaCakes118
- Size
  
  894KB
- MD5
  
  88471ec7e2d9e43a90ef456630751a32
- SHA1
  
  9b633570d70fe0f5879e24732117f9122a8059f3
- SHA256
  
  59983413c614b2bbf93f6e01c5758e17095209f0d9c5f6340f6e9a9fc1799023
- SHA512
  
  6c18196e5f3f97b0ee779c7ee6fece84107d4f8da652d1c23c8b351a557c2ef960c61fc82b9b518fd856ad3cc567f6fe3aed95d67eeee70bc7198bd6b0139d6e
- SSDEEP
  
  24576:WPxM8X0XbYRyjtehSHFgZQR5DJmskfthGS8V0kfK/nTQRI9cYQeD2wKpuvEp3U5:GxRkXsRiQhcFgZQqXGSE3fK/bf2wKp/J
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence