8c84e36b8fd041628c64743cbbf0a99e57eeb4eeb577be0765d4adf6e6613ff9 | Triage

Sharing

General

Target

02716d38a81377b2ff55202d5e92e6c2_JaffaCakes118
Size

2.1MB
Sample

240930-vvkxqswhjl
MD5

02716d38a81377b2ff55202d5e92e6c2
SHA1

6a1e582b794285d86e6a7f85891db524f47927ca
SHA256

8c84e36b8fd041628c64743cbbf0a99e57eeb4eeb577be0765d4adf6e6613ff9
SHA512

b34fcdee73f307c80e5575f0a38b9bce6156621b838a2b37dd71b42836b6815ee290bfa3a1293e8047c034cf065c1f454e3df7999279d88891a8603afef7789a
SSDEEP

1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  02716d38a81377b2ff55202d5e92e6c2_JaffaCakes118
- Size
  
  2.1MB
- MD5
  
  02716d38a81377b2ff55202d5e92e6c2
- SHA1
  
  6a1e582b794285d86e6a7f85891db524f47927ca
- SHA256
  
  8c84e36b8fd041628c64743cbbf0a99e57eeb4eeb577be0765d4adf6e6613ff9
- SHA512
  
  b34fcdee73f307c80e5575f0a38b9bce6156621b838a2b37dd71b42836b6815ee290bfa3a1293e8047c034cf065c1f454e3df7999279d88891a8603afef7789a
- SSDEEP
  
  1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence