e68dda0a0da195b36bdc5ff0cd331111566e40611a599c069bee4c99c45ad32a | Triage

Sharing

General

Target

17645db2041d4c3803716fa9cc062a59_JaffaCakes118
Size

394KB
Sample

241005-myw56svdrb
MD5

17645db2041d4c3803716fa9cc062a59
SHA1

a63997b9c09e417ba4055cf4b4e7d56ec0a6a3a6
SHA256

e68dda0a0da195b36bdc5ff0cd331111566e40611a599c069bee4c99c45ad32a
SHA512

eed1f726e25141a886c86d631d1e7547db294ea200cf6faa67c46221abda661bbe4dd89d6ef1feec091dbf8bc2651baf69d305957f87f347df6a4a5305b0c5ce
SSDEEP

1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  17645db2041d4c3803716fa9cc062a59_JaffaCakes118
- Size
  
  394KB
- MD5
  
  17645db2041d4c3803716fa9cc062a59
- SHA1
  
  a63997b9c09e417ba4055cf4b4e7d56ec0a6a3a6
- SHA256
  
  e68dda0a0da195b36bdc5ff0cd331111566e40611a599c069bee4c99c45ad32a
- SHA512
  
  eed1f726e25141a886c86d631d1e7547db294ea200cf6faa67c46221abda661bbe4dd89d6ef1feec091dbf8bc2651baf69d305957f87f347df6a4a5305b0c5ce
- SSDEEP
  
  1536:OKD0A2T3vLbsih9e8bTTpb/IgQmP9zKcTDB4w/UjlQ/dpKRq:352T3siXei5bcmP9JfUjW
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Deletes itself
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence