9c306fc3c46f6646e3b8cbbaf734f92f289fbef8fc9ea9a4296048a3882e8a1d | Triage

Sharing

General

Target

9c306fc3c46f6646e3b8cbbaf734f92f289fbef8fc9ea9a4296048a3882e8a1d
Size

600KB
Sample

240818-3x5c6asbmf
MD5

a3cce88439caab028877200299fcd213
SHA1

347db76c05334cec97c6bef58eae81b943d5ae07
SHA256

9c306fc3c46f6646e3b8cbbaf734f92f289fbef8fc9ea9a4296048a3882e8a1d
SHA512

abc23ac4712b07ac8c43e1a8130a6ad28e0cefa56fd59615d2b0f118aa81e287b57d29bf43289c97e2a0f0e964593759be1d956e0edf7a97c19b3582afadc820
SSDEEP

1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRqm:352T3siXei5bcmP9JfUjWU

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  9c306fc3c46f6646e3b8cbbaf734f92f289fbef8fc9ea9a4296048a3882e8a1d
- Size
  
  600KB
- MD5
  
  a3cce88439caab028877200299fcd213
- SHA1
  
  347db76c05334cec97c6bef58eae81b943d5ae07
- SHA256
  
  9c306fc3c46f6646e3b8cbbaf734f92f289fbef8fc9ea9a4296048a3882e8a1d
- SHA512
  
  abc23ac4712b07ac8c43e1a8130a6ad28e0cefa56fd59615d2b0f118aa81e287b57d29bf43289c97e2a0f0e964593759be1d956e0edf7a97c19b3582afadc820
- SSDEEP
  
  1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRqm:352T3siXei5bcmP9JfUjWU
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence