General

  • Target

    KriptoProCSP5.0.exe

  • Size

    6.9MB

  • Sample

    230710-qme93abf51

  • MD5

    535566815afbe66d4117e13309c2fed5

  • SHA1

    47aa09925a8217e92f927bad5baa931e00d3adf0

  • SHA256

    f96f6bb2c40df51c4543d11bae706bcab13aac87509e7bba3d49b820fd51d571

  • SHA512

    8d9d2cc14e9c0aff85cb90ad6096db99bfeb55a07e782e7a2b6beb05207e1261a526ba987726eefed51351db72694a93598dc6aec7633851624cb3e017bec25f

  • SSDEEP

    196608:Qy+hxql0C9WvU5FamtWY3CaUExQyT5n90:V+h+0C9WvU3agWOCHun90

Score
8/10

Targets

    • Sets DLL path for service in the registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
