ab2a89c9b33bd518ea9f1a53cf74283795acaf19218076d78a765fde28d67790 | Triage

Submit
Reports

Overview

overview

9

Static

static

ab2a89c9b3...90.exe

windows7-x64

9

ab2a89c9b3...90.exe

windows10-2004-x64

3

Sharing

General

Target

ab2a89c9b33bd518ea9f1a53cf74283795acaf19218076d78a765fde28d67790
Size

193KB
Sample

221127-w7yj2ahh46
MD5

e05eeee6d2bdf27d5dc83910ac7ca93b
SHA1

c1985c15c8a4f84928e7832041c86b6d089c14fc
SHA256

ab2a89c9b33bd518ea9f1a53cf74283795acaf19218076d78a765fde28d67790
SHA512

c152327a1e9dff584b7a2ff0fae2a5ed6444c69ada6a6a6b862e62103c36c09b8647f84806f97fc3cfa59bd470a8c0d209df95de02891d11241bde826e181afc
SSDEEP

3072:OzA2AJKoClrGvNPuCGYR69X3wKvzNVL58ACjOJBfgPV+Muce:Ogs3YR65nVTtyPVBe

Score

9^/10

cryptone packer persistence

Static task

static1

Behavioral task

behavioral1

Sample

ab2a89c9b33bd518ea9f1a53cf74283795acaf19218076d78a765fde28d67790.exe

Resource

win7-20220812-en

cryptone packer persistence

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab2a89c9b33bd518ea9f1a53cf74283795acaf19218076d78a765fde28d67790.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  ab2a89c9b33bd518ea9f1a53cf74283795acaf19218076d78a765fde28d67790
- Size
  
  193KB
- MD5
  
  e05eeee6d2bdf27d5dc83910ac7ca93b
- SHA1
  
  c1985c15c8a4f84928e7832041c86b6d089c14fc
- SHA256
  
  ab2a89c9b33bd518ea9f1a53cf74283795acaf19218076d78a765fde28d67790
- SHA512
  
  c152327a1e9dff584b7a2ff0fae2a5ed6444c69ada6a6a6b862e62103c36c09b8647f84806f97fc3cfa59bd470a8c0d209df95de02891d11241bde826e181afc
- SSDEEP
  
  3072:OzA2AJKoClrGvNPuCGYR69X3wKvzNVL58ACjOJBfgPV+Muce:Ogs3YR65nVTtyPVBe
Score

9^/10

cryptone packer persistence
- CryptOne packer
  Detects CryptOne packer defined in NCC blogpost.
  cryptone packer
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

cryptonepackerpersistence

behavioral2

© 2018-2024

Terms | Privacy