e17a6534ad76c8f729553ca2e6574731421305c2bb509cf9699baffb71648e4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d26876dad30cf8b6184b4782e8111740_JaffaCakes118
Size

124KB
Sample

240907-ve8zmawene
MD5

d26876dad30cf8b6184b4782e8111740
SHA1

42692aece861c97fa6697c43cdfe3462290d2474
SHA256

e17a6534ad76c8f729553ca2e6574731421305c2bb509cf9699baffb71648e4f
SHA512

86e9a1884b7d9630032455f0a0e904e382d6bf59cb3f7764520cc3b6440c7b639eb77ea2eda6cd53a25a11b48258354daee373e86737c5f8d07e97416e68152b
SSDEEP

1536:eq044dpCMOT7vS5AuUEUDRtCWNnPpIMa+7Adlww3di3nOBV55NE0KHYc1ICv4+Vs:eDzdIM8KArRwaGRjd/A3nOP5nq4R3+FI

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  d26876dad30cf8b6184b4782e8111740_JaffaCakes118
- Size
  
  124KB
- MD5
  
  d26876dad30cf8b6184b4782e8111740
- SHA1
  
  42692aece861c97fa6697c43cdfe3462290d2474
- SHA256
  
  e17a6534ad76c8f729553ca2e6574731421305c2bb509cf9699baffb71648e4f
- SHA512
  
  86e9a1884b7d9630032455f0a0e904e382d6bf59cb3f7764520cc3b6440c7b639eb77ea2eda6cd53a25a11b48258354daee373e86737c5f8d07e97416e68152b
- SSDEEP
  
  1536:eq044dpCMOT7vS5AuUEUDRtCWNnPpIMa+7Adlww3di3nOBV55NE0KHYc1ICv4+Vs:eDzdIM8KArRwaGRjd/A3nOP5nq4R3+FI
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2