d904438e7af92998deefad3d5177ccb0d202f37f65c51915a1e811080be73afe | Triage

Submit
Reports

Overview

overview

9

Static

static

9

008ec79765...49.exe

windows7_x64

9

008ec79765...49.exe

windows10_x64

9

Sharing

General

Target

008ec79765325200361d9c93ac35edd430f8b17894ff843268caa5acd6224549.zip
Size

1.7MB
Sample

210412-y6sxmew9da
MD5

5136a8df5dd196598942c004e2739cb6
SHA1

1007bafd08f543c8d782d6a704c44fa6feebb43d
SHA256

d904438e7af92998deefad3d5177ccb0d202f37f65c51915a1e811080be73afe
SHA512

521881f12f9c5435a24e910fb6e167f0015d98adb4d157404594cd3d164c913ca51bc015b2942d39f41deac81ff9ab6f1e6d9127fe48be1b8cf5077eb9b09653

Score

9^/10

cryptone packer ransomware

Static task

static1

cryptone packer

Behavioral task

behavioral1

Sample

008ec79765325200361d9c93ac35edd430f8b17894ff843268caa5acd6224549.exe

Resource

win7v20210410

cryptone packer ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

008ec79765325200361d9c93ac35edd430f8b17894ff843268caa5acd6224549.exe

Resource

win10v20210408

cryptone packer ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  008ec79765325200361d9c93ac35edd430f8b17894ff843268caa5acd6224549.exe
- Size
  
  1.9MB
- MD5
  
  d86f451bbff804e59a549f9fb33d6e3f
- SHA1
  
  3cb0cb07cc2542f1d98060adccda726ea865db98
- SHA256
  
  008ec79765325200361d9c93ac35edd430f8b17894ff843268caa5acd6224549
- SHA512
  
  c86ad7e1d5c445d4de9866faab578b2eb04f72ffef4fac380b7164003471b4b48b09772e735ea15205e2ab4a1f4d194d188cdeb12c7199d0824ddaba393dcaa2
Score

9^/10

cryptone packer ransomware
- CryptOne packer
  Detects CryptOne packer defined in NCC blogpost.
  cryptone packer
- Executes dropped EXE
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

cryptonepackerransomware

behavioral2

cryptonepackerransomware

© 2018-2024

Terms | Privacy