db783a3e5605625fac19e31792b7f1ef2a0b6ac47846c2e953d053cbe8aa6d92 | Triage

Sharing

General

Target

0200f7f036ea7dec63463205084fe8e6_JaffaCakes118
Size

2.8MB
Sample

240930-smd34swcqh
MD5

0200f7f036ea7dec63463205084fe8e6
SHA1

08ab521d3c8319da25fd67d0844d1c92b3bb2a86
SHA256

db783a3e5605625fac19e31792b7f1ef2a0b6ac47846c2e953d053cbe8aa6d92
SHA512

713b0d564cdaabc8d24e659c74825917e24e2c79e05c9e9bd39c527b65c7b1d6e721650a6fdf912adfeb9b173c75f311f187ac558548e77ad0e83e2aa4dc24e3
SSDEEP

1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  0200f7f036ea7dec63463205084fe8e6_JaffaCakes118
- Size
  
  2.8MB
- MD5
  
  0200f7f036ea7dec63463205084fe8e6
- SHA1
  
  08ab521d3c8319da25fd67d0844d1c92b3bb2a86
- SHA256
  
  db783a3e5605625fac19e31792b7f1ef2a0b6ac47846c2e953d053cbe8aa6d92
- SHA512
  
  713b0d564cdaabc8d24e659c74825917e24e2c79e05c9e9bd39c527b65c7b1d6e721650a6fdf912adfeb9b173c75f311f187ac558548e77ad0e83e2aa4dc24e3
- SSDEEP
  
  1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence