270a803cdac159831da4c03a3781d44c7f088413f210a6503c70ca0d32355d24 | Triage

Sharing

General

Target

ec983fe90d1e42943bef2675d0e953b0_JaffaCakes118
Size

1.6MB
Sample

240920-b55v4stakq
MD5

ec983fe90d1e42943bef2675d0e953b0
SHA1

c706eb619cd868d5d5fa0ab12438280a0008ceda
SHA256

270a803cdac159831da4c03a3781d44c7f088413f210a6503c70ca0d32355d24
SHA512

c6db382f5d53c5c075eec85131482cf17d06392d7318fe7547abbd30589d48ab00572884f554a775cdb51e685b096337f64671703202ddbc31139e62a71dc380
SSDEEP

24576:neb9EJeZn4Q26a1KWgsLZvA3NSIF2JEuXrgLPbZ6GNoNb/p4cUCkj/gazb:neRGfRgm+3NvUEpjZFaNLp4YgYQ

Score

10^/10

aspackv2 discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ec983fe90d1e42943bef2675d0e953b0_JaffaCakes118
- Size
  
  1.6MB
- MD5
  
  ec983fe90d1e42943bef2675d0e953b0
- SHA1
  
  c706eb619cd868d5d5fa0ab12438280a0008ceda
- SHA256
  
  270a803cdac159831da4c03a3781d44c7f088413f210a6503c70ca0d32355d24
- SHA512
  
  c6db382f5d53c5c075eec85131482cf17d06392d7318fe7547abbd30589d48ab00572884f554a775cdb51e685b096337f64671703202ddbc31139e62a71dc380
- SSDEEP
  
  24576:neb9EJeZn4Q26a1KWgsLZvA3NSIF2JEuXrgLPbZ6GNoNb/p4cUCkj/gazb:neRGfRgm+3NvUEpjZFaNLp4YgYQ
Score

10^/10

discovery evasion persistence trojan
- Windows security bypass
  evasion trojan
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan