9ec956c1571dd0d6928d54b4cc230274ae7d1759feba150a7eb8425e55cf336a | Triage

Submit
Reports

Overview

overview

8

Static

static

7

9ec956c157...6a.exe

windows7-x64

8

9ec956c157...6a.exe

windows10-2004-x64

7

Sharing

General

Target

9ec956c1571dd0d6928d54b4cc230274ae7d1759feba150a7eb8425e55cf336a
Size

205KB
Sample

240705-a971la1bka
MD5

1fcb07efeb20aabe8223e46ebdb48cde
SHA1

f10ed073debd460083174749cac9e64c6b1b5fd9
SHA256

9ec956c1571dd0d6928d54b4cc230274ae7d1759feba150a7eb8425e55cf336a
SHA512

197cb0b9bb8d8a178ae58aa535a2b23dbd9be891ee8c2c96ef6f6fd72affb4117bb501e1f0b68b0157b8968d5c5e0cbc17c421ec28f269a2f83f512620477bf8
SSDEEP

3072:mbMDF8hw0ZbtC2aoaHSKLd1ZWZCZDP+RBqqAXV1o9DhlYJRkgor3rSjGKWGqpqjD:m1hwCbtC2atYZC9aqJhJPor3RLGqpX2

Score

8^/10

aspackv2 persistence privilege_escalation

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

9ec956c1571dd0d6928d54b4cc230274ae7d1759feba150a7eb8425e55cf336a.exe

Resource

win7-20240704-en

aspackv2 persistence privilege_escalation

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

9ec956c1571dd0d6928d54b4cc230274ae7d1759feba150a7eb8425e55cf336a.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  9ec956c1571dd0d6928d54b4cc230274ae7d1759feba150a7eb8425e55cf336a
- Size
  
  205KB
- MD5
  
  1fcb07efeb20aabe8223e46ebdb48cde
- SHA1
  
  f10ed073debd460083174749cac9e64c6b1b5fd9
- SHA256
  
  9ec956c1571dd0d6928d54b4cc230274ae7d1759feba150a7eb8425e55cf336a
- SHA512
  
  197cb0b9bb8d8a178ae58aa535a2b23dbd9be891ee8c2c96ef6f6fd72affb4117bb501e1f0b68b0157b8968d5c5e0cbc17c421ec28f269a2f83f512620477bf8
- SSDEEP
  
  3072:mbMDF8hw0ZbtC2aoaHSKLd1ZWZCZDP+RBqqAXV1o9DhlYJRkgor3rSjGKWGqpqjD:m1hwCbtC2atYZC9aqJhJPor3RLGqpX2
Score

8^/10

aspackv2 persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

aspackv2persistenceprivilege_escalation

behavioral2

© 2018-2024

Terms | Privacy