1e3d0c3aa8bedf4c0d08893595450607daa02900708a729c87e01872fe845080 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

1e3d0c3aa8...80.exe

windows7-x64

8

1e3d0c3aa8...80.exe

windows10-2004-x64

8

Sharing

General

Target

1e3d0c3aa8bedf4c0d08893595450607daa02900708a729c87e01872fe845080.exe
Size

190KB
Sample

240705-ac3plsxbpj
MD5

5e5fbb2be6f5eb8368b9f5508ae91c40
SHA1

ee5d2c45b329d9fa963d248dd309636a639d4fc4
SHA256

1e3d0c3aa8bedf4c0d08893595450607daa02900708a729c87e01872fe845080
SHA512

e8d6a6d9a5849da9bfe4ae27f73e1c255fea08f8eeb2717d5c20f29d5bcd118a168ced62db31f55623d6d2c7b53beecd0b5223b038b510bee709f22f8afe7827
SSDEEP

3072:rYubs4vIPfIOKyCRfyJiJJMXybJg30TZZ+MbpqdNjfBDckH8sbigzwQjod:Euk6fK6tixMbwNL+kDrm

Score

8^/10

aspackv2 persistence privilege_escalation

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1e3d0c3aa8bedf4c0d08893595450607daa02900708a729c87e01872fe845080.exe

Resource

win7-20240221-en

aspackv2 persistence privilege_escalation

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

1e3d0c3aa8bedf4c0d08893595450607daa02900708a729c87e01872fe845080.exe

Resource

win10v2004-20240704-en

aspackv2 persistence privilege_escalation

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  1e3d0c3aa8bedf4c0d08893595450607daa02900708a729c87e01872fe845080.exe
- Size
  
  190KB
- MD5
  
  5e5fbb2be6f5eb8368b9f5508ae91c40
- SHA1
  
  ee5d2c45b329d9fa963d248dd309636a639d4fc4
- SHA256
  
  1e3d0c3aa8bedf4c0d08893595450607daa02900708a729c87e01872fe845080
- SHA512
  
  e8d6a6d9a5849da9bfe4ae27f73e1c255fea08f8eeb2717d5c20f29d5bcd118a168ced62db31f55623d6d2c7b53beecd0b5223b038b510bee709f22f8afe7827
- SSDEEP
  
  3072:rYubs4vIPfIOKyCRfyJiJJMXybJg30TZZ+MbpqdNjfBDckH8sbigzwQjod:Euk6fK6tixMbwNL+kDrm
Score

8^/10

aspackv2 persistence privilege_escalation
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
  persistence privilege_escalation
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

AppInit DLLs

Privilege Escalation

Event Triggered Execution

AppInit DLLs

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

aspackv2persistenceprivilege_escalation

behavioral2

aspackv2persistenceprivilege_escalation

© 2018-2024

Terms | Privacy