8be7dc4fe5c46ae53ae05b08c574e131509e7f9ebb0bbd3518cfef5f915f984b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8be7dc4fe5c46ae53ae05b08c574e131509e7f9ebb0bbd3518cfef5f915f984bN
Size

202KB
Sample

241006-htblfsyhjc
MD5

fc6a7eba7e159021e6002785fd83a090
SHA1

2c4c1e329700d95494fa767a435fe48526ded04d
SHA256

8be7dc4fe5c46ae53ae05b08c574e131509e7f9ebb0bbd3518cfef5f915f984b
SHA512

b996e3663b6227b68abc38445b7fec0d642695f0dec5f1e3b7b7d5cebfd969d988ef28767f5267d293cb93c8399c67170587122324929e482b06b9d5c707b0ef
SSDEEP

6144:kCyveL/3FGaH0VVjkEqfoX3k/Ehi64h3/sxkVqzF:kCyvexvH0VVjkjnEhi66/sxkMF

Score

8^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  8be7dc4fe5c46ae53ae05b08c574e131509e7f9ebb0bbd3518cfef5f915f984bN
- Size
  
  202KB
- MD5
  
  fc6a7eba7e159021e6002785fd83a090
- SHA1
  
  2c4c1e329700d95494fa767a435fe48526ded04d
- SHA256
  
  8be7dc4fe5c46ae53ae05b08c574e131509e7f9ebb0bbd3518cfef5f915f984b
- SHA512
  
  b996e3663b6227b68abc38445b7fec0d642695f0dec5f1e3b7b7d5cebfd969d988ef28767f5267d293cb93c8399c67170587122324929e482b06b9d5c707b0ef
- SSDEEP
  
  6144:kCyveL/3FGaH0VVjkEqfoX3k/Ehi64h3/sxkVqzF:kCyvexvH0VVjkjnEhi66/sxkMF
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Server Software Component: Terminal Services DLL
  persistence
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence