e50c1b36131d72437eb32a124a5208fad22dc22b843683cfb520e1ef172b8352 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

googlesketchupwen.exe

windows11-21h2-x64

9

Sharing

General

Target

googlesketchupwen.exe
Size

34.1MB
Sample

240204-z42dasbae5
MD5

80cc431668bf57c29fc7f1f4e7bae6ee
SHA1

f0628e6f05241f91e4f36d6be3b8685a408ad12b
SHA256

e50c1b36131d72437eb32a124a5208fad22dc22b843683cfb520e1ef172b8352
SHA512

e34848ca3c7aaec0a8f23c7bb71cdd5c9ff0611724892936597f647959e93879fcf3ef470bafd77563fd62717e914e4403a801b9b6528e84c73421f21e114134
SSDEEP

786432:cfToV5inUGUlc66VjgX6fFbV6jWX1BkO1zLeZU/OXU:OTSRSVi6MWX1V5xp

Score

9^/10

cryptone packer

Static task

static1

Behavioral task

behavioral1

Sample

googlesketchupwen.exe

Resource

win11-20231215-en

cryptone packer

windows11-21h2-x64

17 signatures

1800 seconds

Malware Config

Targets

- Target
  
  googlesketchupwen.exe
- Size
  
  34.1MB
- MD5
  
  80cc431668bf57c29fc7f1f4e7bae6ee
- SHA1
  
  f0628e6f05241f91e4f36d6be3b8685a408ad12b
- SHA256
  
  e50c1b36131d72437eb32a124a5208fad22dc22b843683cfb520e1ef172b8352
- SHA512
  
  e34848ca3c7aaec0a8f23c7bb71cdd5c9ff0611724892936597f647959e93879fcf3ef470bafd77563fd62717e914e4403a801b9b6528e84c73421f21e114134
- SSDEEP
  
  786432:cfToV5inUGUlc66VjgX6fFbV6jWX1BkO1zLeZU/OXU:OTSRSVi6MWX1V5xp
Score

9^/10

cryptone packer
- CryptOne packer
  Detects CryptOne packer defined in NCC blogpost.
  cryptone packer
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy