Overview

overview

9

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://cdn.discordapp.com/attachments/1227834034579570750/1227834078355656714/WebMain.swf?ex=6629d898&is=66176398&hm=cfe226e3794bf3cfd6ef08cd99a5026512f9ca9f5414ba7c117e9ae3ee865683& AND http://www.mediafire.com/file/61yyz8mjn63l3z1/flashplayer_18_sa.exe/file

  • Sample

    240411-ezhp6scb64

Score
9/10
cryptonepacker

Malware Config

Targets

    • Target

      https://cdn.discordapp.com/attachments/1227834034579570750/1227834078355656714/WebMain.swf?ex=6629d898&is=66176398&hm=cfe226e3794bf3cfd6ef08cd99a5026512f9ca9f5414ba7c117e9ae3ee865683& AND http://www.mediafire.com/file/61yyz8mjn63l3z1/flashplayer_18_sa.exe/file

    Score
    9/10
    cryptonepacker

    • CryptOne packer

      Detects CryptOne packer defined in NCC blogpost.

      cryptonepacker

    • Downloads MZ/PE file

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks