ad7f65ca887519dd71071b19bc02bd56113c16d4faa63d7defacf13a6b18975f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

028e3001d02588b439680749d8db29bb_JaffaCakes118
Size

2.8MB
Sample

240930-wdzv1axglp
MD5

028e3001d02588b439680749d8db29bb
SHA1

0ff4241c80796ebfea228148f705aece36c9d2d5
SHA256

ad7f65ca887519dd71071b19bc02bd56113c16d4faa63d7defacf13a6b18975f
SHA512

c3a712978f900dbe32d8dbefee1bec15799530d44f0d39a53d3d62bc4a11aee394d154fb7d76d7a8b9aa40921c7f91d36e9fe07dd689435387426ad183fd59c0
SSDEEP

1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  028e3001d02588b439680749d8db29bb_JaffaCakes118
- Size
  
  2.8MB
- MD5
  
  028e3001d02588b439680749d8db29bb
- SHA1
  
  0ff4241c80796ebfea228148f705aece36c9d2d5
- SHA256
  
  ad7f65ca887519dd71071b19bc02bd56113c16d4faa63d7defacf13a6b18975f
- SHA512
  
  c3a712978f900dbe32d8dbefee1bec15799530d44f0d39a53d3d62bc4a11aee394d154fb7d76d7a8b9aa40921c7f91d36e9fe07dd689435387426ad183fd59c0
- SSDEEP
  
  1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence