2236cb10b63bf29763bdeef87a10345cbeed21836978776f5a581ae85cee433f | Triage

Sharing

General

Target

Crypter.exe
Size

11.1MB
Sample

240523-sbkrhsfa7w
MD5

07a86dc8a247e5025a1569d8a97f72fe
SHA1

f878d2981e38fe99a0291467fbf5c6649de5c1a4
SHA256

2236cb10b63bf29763bdeef87a10345cbeed21836978776f5a581ae85cee433f
SHA512

5fcd4186a7d979a661b5faed13fde7c1e531811feba2258d4b968ce62529561cb1d1a816123be04758e33579b50815de4b3a8ee62da7b54c7b5a521e9a44047e
SSDEEP

196608:tU+gmbg3yNQl4Ik+i8I4GA81G+LDadKGa2KOZo45AB+cQN63G8hubGNi:2uol4Iz5G1za9a27ZoAc+cQN63GAi

Score

9^/10

defense_evasion evasion execution impact persistence pyinstaller ransomware

Malware Config

Targets

- Target
  
  Crypter.exe
- Size
  
  11.1MB
- MD5
  
  07a86dc8a247e5025a1569d8a97f72fe
- SHA1
  
  f878d2981e38fe99a0291467fbf5c6649de5c1a4
- SHA256
  
  2236cb10b63bf29763bdeef87a10345cbeed21836978776f5a581ae85cee433f
- SHA512
  
  5fcd4186a7d979a661b5faed13fde7c1e531811feba2258d4b968ce62529561cb1d1a816123be04758e33579b50815de4b3a8ee62da7b54c7b5a521e9a44047e
- SSDEEP
  
  196608:tU+gmbg3yNQl4Ik+i8I4GA81G+LDadKGa2KOZo45AB+cQN63G8hubGNi:2uol4Iz5G1za9a27ZoAc+cQN63GAi
Score

9^/10

defense_evasion evasion execution impact persistence ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware defense_evasion impact execution
- Disables Task Manager via registry modification
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Windows Management Instrumentation

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

defense_evasionevasionexecutionimpactpersistenceransomware