debd25aeedd5cc01f2bcdf256640b3234cd8463465ee8cd65c3169fa27612f90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0263cdf71a16888523ed0a081084a6ea_JaffaCakes118
Size

2.2MB
Sample

240930-vlwymszfjf
MD5

0263cdf71a16888523ed0a081084a6ea
SHA1

9613419f677f979276d3f15d8f3398b7a7d8a8aa
SHA256

debd25aeedd5cc01f2bcdf256640b3234cd8463465ee8cd65c3169fa27612f90
SHA512

c973d63b91a1e4717514926164ec119bf3e1723f5a87d0eed7f8a085a6cc88ec2a9d2c04217ef638fc96c03b570f413b770e692bda028230c4fb4a37611d85da
SSDEEP

1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  0263cdf71a16888523ed0a081084a6ea_JaffaCakes118
- Size
  
  2.2MB
- MD5
  
  0263cdf71a16888523ed0a081084a6ea
- SHA1
  
  9613419f677f979276d3f15d8f3398b7a7d8a8aa
- SHA256
  
  debd25aeedd5cc01f2bcdf256640b3234cd8463465ee8cd65c3169fa27612f90
- SHA512
  
  c973d63b91a1e4717514926164ec119bf3e1723f5a87d0eed7f8a085a6cc88ec2a9d2c04217ef638fc96c03b570f413b770e692bda028230c4fb4a37611d85da
- SSDEEP
  
  1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence