d5853b4bb76a2e0073b188d253223f7373cb400c7b2ddf621e5a3b746d5583b9 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

Setup_s.exe

windows11-21h2-x64

9

Sharing

General

Target

Setup_s.exe
Size

95.5MB
Sample

240327-lxj9jshf57
MD5

e24108d6d85ad78463f4534b202edc7b
SHA1

43166dd0efcc02fd08c0b6079f19d42214ea6bf5
SHA256

d5853b4bb76a2e0073b188d253223f7373cb400c7b2ddf621e5a3b746d5583b9
SHA512

ffe8ede6e20d1292c72cb3aed1e17f7179d4f79006a8cd0a4e236d82ca5a990cdfa986a421caf60d6b513bbfc0faac82ba9a916724f95537fa464a7d236e316e
SSDEEP

1572864:Uo9YTf0ynD+l4u1/hNPk0b+pS2iPXP3qZWA9JUIEe2obBh6O2bs0wGaFG5:U1nDk/hNPwSDPX/qZWAEevfP0s0wTU5

Score

9^/10

cryptone discovery packer persistence

Static task

static1

Behavioral task

behavioral1

Sample

Setup_s.exe

Resource

win11-20240221-en

cryptone discovery packer persistence

windows11-21h2-x64

12 signatures

300 seconds

Malware Config

Targets

- Target
  
  Setup_s.exe
- Size
  
  95.5MB
- MD5
  
  e24108d6d85ad78463f4534b202edc7b
- SHA1
  
  43166dd0efcc02fd08c0b6079f19d42214ea6bf5
- SHA256
  
  d5853b4bb76a2e0073b188d253223f7373cb400c7b2ddf621e5a3b746d5583b9
- SHA512
  
  ffe8ede6e20d1292c72cb3aed1e17f7179d4f79006a8cd0a4e236d82ca5a990cdfa986a421caf60d6b513bbfc0faac82ba9a916724f95537fa464a7d236e316e
- SSDEEP
  
  1572864:Uo9YTf0ynD+l4u1/hNPk0b+pS2iPXP3qZWA9JUIEe2obBh6O2bs0wGaFG5:U1nDk/hNPwSDPX/qZWAEevfP0s0wTU5
Score

9^/10

cryptone discovery packer persistence
- CryptOne packer
  Detects CryptOne packer defined in NCC blogpost.
  cryptone packer
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

cryptonediscoverypackerpersistence

© 2018-2024

Terms | Privacy