suncrypt | 875473b38732ac69e3ebaaae4f6f4f3cb12534d4175de132c4eeeb97ba64d226 | Triage

Sharing

General

Target

load.ps1.zip
Size

551KB
Sample

210308-8pwb2c5gfn
MD5

a9c2df49e31a3d62c91d2cacfe4a7cd5
SHA1

1add1f01a224e40c6c05b905e8162d3fe718e8eb
SHA256

875473b38732ac69e3ebaaae4f6f4f3cb12534d4175de132c4eeeb97ba64d226
SHA512

d8222a62f1bcd0c6b9eb8f47946f85e2a73464f731cbb0c55360d823372ddfc54ce8d5a4a04dc283255117507c7acd416794d4bf4d41e0db53a1861fcd2170ea

Score

10^/10

suncrypt ransomware

Malware Config

Targets

- Target
  
  load.ps1
- Size
  
  1.4MB
- MD5
  
  09a05a2212bd2c0fe0e2881401fbff17
- SHA1
  
  fbb6f8dae1753cd2a282ee161bc5496486cc06f7
- SHA256
  
  b41a303a4caa71fa260dd601a796033d8bfebcaa6bd9dfd7ad956fac5229a735
- SHA512
  
  8d0dd3a7d6adaa690a3f7625a573b8c50cfa9d40fa17836b7e8ab8a10bfe67f4eaf0720cedda0c1d2986e7e70770a097ad8af2a9e24ccd595514a0384cbc275f
Score

10^/10

suncrypt ransomware
- SunCrypt Ransomware
  Family which threatens to leak data alongside encrypting files. Has claimed to be collaborating with the Maze ransomware group.
  ransomware suncrypt
- Blocklisted process makes network request
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

suncryptransomware

behavioral2