a269ffe5db73d573a5f3e0a07c6c171726e25adf4c5d0bd9d03fad4c1f6bdbe4 | Triage

Sharing

General

Target

031736b1117c5a4d38693e2576985b7b_JaffaCakes118
Size

2.9MB
Sample

240930-yx26kstapj
MD5

031736b1117c5a4d38693e2576985b7b
SHA1

1745257d58221e20fd4c90cd1345f8c2bd36d1f7
SHA256

a269ffe5db73d573a5f3e0a07c6c171726e25adf4c5d0bd9d03fad4c1f6bdbe4
SHA512

8a2209480d3a521ee920513bd02df7b8b1c8482c21ff4ed4b97976b87322bd20d39caf4a819b2fcbf6d2ee52e7a86189d0e963485a409639560b919bdd1392a0
SSDEEP

1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  031736b1117c5a4d38693e2576985b7b_JaffaCakes118
- Size
  
  2.9MB
- MD5
  
  031736b1117c5a4d38693e2576985b7b
- SHA1
  
  1745257d58221e20fd4c90cd1345f8c2bd36d1f7
- SHA256
  
  a269ffe5db73d573a5f3e0a07c6c171726e25adf4c5d0bd9d03fad4c1f6bdbe4
- SHA512
  
  8a2209480d3a521ee920513bd02df7b8b1c8482c21ff4ed4b97976b87322bd20d39caf4a819b2fcbf6d2ee52e7a86189d0e963485a409639560b919bdd1392a0
- SSDEEP
  
  1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence