ed53160a8cb1670f4053ed265b4d4dcf633df484422dd80d3dfb144bc5fc3d94 | Triage

Sharing

General

Target

1554a48aa4d20085c5749975007344b7_JaffaCakes118
Size

99KB
Sample

241004-3mv2qssfpr
MD5

1554a48aa4d20085c5749975007344b7
SHA1

6649a05dc0293e7df64753472271e8698bb5796e
SHA256

ed53160a8cb1670f4053ed265b4d4dcf633df484422dd80d3dfb144bc5fc3d94
SHA512

425f93af016c34850036a889de8ee7d13043af9ee532e4d4dd4afc9a7abd015c42fdc9de5db317de81b0ddfe65891395829b7e373da11b3cab94a0bd060fcf17
SSDEEP

1536:DmrTWBiaYHmfZmoXS/6hI5K/4QsxuA6OaCGlww34ShWhPeLJVgC:ATlToXS/6S5jQsx1ZaCNAZLo

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  1554a48aa4d20085c5749975007344b7_JaffaCakes118
- Size
  
  99KB
- MD5
  
  1554a48aa4d20085c5749975007344b7
- SHA1
  
  6649a05dc0293e7df64753472271e8698bb5796e
- SHA256
  
  ed53160a8cb1670f4053ed265b4d4dcf633df484422dd80d3dfb144bc5fc3d94
- SHA512
  
  425f93af016c34850036a889de8ee7d13043af9ee532e4d4dd4afc9a7abd015c42fdc9de5db317de81b0ddfe65891395829b7e373da11b3cab94a0bd060fcf17
- SSDEEP
  
  1536:DmrTWBiaYHmfZmoXS/6hI5K/4QsxuA6OaCGlww34ShWhPeLJVgC:ATlToXS/6S5jQsx1ZaCNAZLo
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence