363d6cf199c3821ab56f0a93639398d4b82f98eec2bd9f7e69b0234bf9c69967 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

363d6cf199c3821ab56f0a93639398d4b82f98eec2bd9f7e69b0234bf9c69967
Size

474KB
Sample

240928-y9lz5avemp
MD5

fa95f30ec75014848d0a5fe493340b12
SHA1

a2a9c0ff3dd4f3bffd26143fdf91ec578b841e46
SHA256

363d6cf199c3821ab56f0a93639398d4b82f98eec2bd9f7e69b0234bf9c69967
SHA512

a8e5652b8466a69b39f2f601695f526bcf734283fca0f3e6be12297000aeb073f1974e49eb5743b8579889f123f48ea62c9789bd60a83ed326dc132ac9957f58
SSDEEP

3072:qIHucMO03on/MnC6rWVC7Vr338NVtvglt6BAJb89:VH83on/MnZYKD3Wtvgl0BA6

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  363d6cf199c3821ab56f0a93639398d4b82f98eec2bd9f7e69b0234bf9c69967
- Size
  
  474KB
- MD5
  
  fa95f30ec75014848d0a5fe493340b12
- SHA1
  
  a2a9c0ff3dd4f3bffd26143fdf91ec578b841e46
- SHA256
  
  363d6cf199c3821ab56f0a93639398d4b82f98eec2bd9f7e69b0234bf9c69967
- SHA512
  
  a8e5652b8466a69b39f2f601695f526bcf734283fca0f3e6be12297000aeb073f1974e49eb5743b8579889f123f48ea62c9789bd60a83ed326dc132ac9957f58
- SSDEEP
  
  3072:qIHucMO03on/MnC6rWVC7Vr338NVtvglt6BAJb89:VH83on/MnZYKD3Wtvgl0BA6
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence