0a04f4841fa1ac63af0fd7e72353faa4b09ded3577510255dea572a357517de9 | Triage

Sharing

General

Target

0bfbc9eb9115755eaa40d0c21d107244_JaffaCakes118
Size

57KB
Sample

241002-w5nl2stgnf
MD5

0bfbc9eb9115755eaa40d0c21d107244
SHA1

38e6b0a27763cb5c46164660f10f6df1e4801e9e
SHA256

0a04f4841fa1ac63af0fd7e72353faa4b09ded3577510255dea572a357517de9
SHA512

8e6fe5256520370b99286198ac96c5fac20564a421458aecb5896d039db00da72b57dddc55e0f2cdd8bc7a9397d5e4f8b184b352f9652fbc8dfb0bc79c13ff1b
SSDEEP

768:7Qyy1uehE54M6mDVwihlHgdcHk7NzziqBj1+4fbCCXVz8iiom+ZfzNGwkty6+/P:MysuehEmm1rYyqCgat+dVktyz/P

Score

8^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  0bfbc9eb9115755eaa40d0c21d107244_JaffaCakes118
- Size
  
  57KB
- MD5
  
  0bfbc9eb9115755eaa40d0c21d107244
- SHA1
  
  38e6b0a27763cb5c46164660f10f6df1e4801e9e
- SHA256
  
  0a04f4841fa1ac63af0fd7e72353faa4b09ded3577510255dea572a357517de9
- SHA512
  
  8e6fe5256520370b99286198ac96c5fac20564a421458aecb5896d039db00da72b57dddc55e0f2cdd8bc7a9397d5e4f8b184b352f9652fbc8dfb0bc79c13ff1b
- SSDEEP
  
  768:7Qyy1uehE54M6mDVwihlHgdcHk7NzziqBj1+4fbCCXVz8iiom+ZfzNGwkty6+/P:MysuehEmm1rYyqCgat+dVktyz/P
Score

8^/10

aspackv2 discovery persistence
- Server Software Component: Terminal Services DLL
  persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence