Overview

overview

9

Static

static

94c1e5135f...79.exe

windows7-x64

9

94c1e5135f...79.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    94c1e5135fcc7ff0f1d12f2d7b1d9a8b2766fd9435760113e770750aa230d879

  • Size

    1.8MB

  • Sample

    221205-aywhesec9t

  • MD5

    4922e8b99049cca6fd1c678f8ee21218

  • SHA1

    ec9227a461e83bee92778c99d9039157293a1c71

  • SHA256

    94c1e5135fcc7ff0f1d12f2d7b1d9a8b2766fd9435760113e770750aa230d879

  • SHA512

    85b2ba2c637bbc03159ad9be566265b2f874730196cfd94711c8e446ab10ed8669f91496cec7c204c74c94fdeecda6869d2a64487bec9a0b22758fe28600252f

  • SSDEEP

    24576:foH4sXKroZydocPk0rVVekkfmbWMwyBt3yDaCi6nAaB2Odsbomlu5:fVsX4HrVyfAzypiMAaB2QJB

Score
9/10
cryptonepacker

Malware Config

Targets

    • Target

      94c1e5135fcc7ff0f1d12f2d7b1d9a8b2766fd9435760113e770750aa230d879

    • Size

      1.8MB

    • MD5

      4922e8b99049cca6fd1c678f8ee21218

    • SHA1

      ec9227a461e83bee92778c99d9039157293a1c71

    • SHA256

      94c1e5135fcc7ff0f1d12f2d7b1d9a8b2766fd9435760113e770750aa230d879

    • SHA512

      85b2ba2c637bbc03159ad9be566265b2f874730196cfd94711c8e446ab10ed8669f91496cec7c204c74c94fdeecda6869d2a64487bec9a0b22758fe28600252f

    • SSDEEP

      24576:foH4sXKroZydocPk0rVVekkfmbWMwyBt3yDaCi6nAaB2Odsbomlu5:fVsX4HrVyfAzypiMAaB2QJB

    Score
    9/10
    cryptonepacker

    • CryptOne packer

      Detects CryptOne packer defined in NCC blogpost.

      cryptonepacker

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks