2236cb10b63bf29763bdeef87a10345cbeed21836978776f5a581ae85cee433f | Triage

Sharing

General

Target

Crypter.exe
Size

11.1MB
Sample

240523-sd947afb6v
MD5

07a86dc8a247e5025a1569d8a97f72fe
SHA1

f878d2981e38fe99a0291467fbf5c6649de5c1a4
SHA256

2236cb10b63bf29763bdeef87a10345cbeed21836978776f5a581ae85cee433f
SHA512

5fcd4186a7d979a661b5faed13fde7c1e531811feba2258d4b968ce62529561cb1d1a816123be04758e33579b50815de4b3a8ee62da7b54c7b5a521e9a44047e
SSDEEP

196608:tU+gmbg3yNQl4Ik+i8I4GA81G+LDadKGa2KOZo45AB+cQN63G8hubGNi:2uol4Iz5G1za9a27ZoAc+cQN63GAi

Score

9^/10

defense_evasion evasion execution impact persistence pyinstaller ransomware

Malware Config

Targets

- Target
  
  Crypter.exe
- Size
  
  11.1MB
- MD5
  
  07a86dc8a247e5025a1569d8a97f72fe
- SHA1
  
  f878d2981e38fe99a0291467fbf5c6649de5c1a4
- SHA256
  
  2236cb10b63bf29763bdeef87a10345cbeed21836978776f5a581ae85cee433f
- SHA512
  
  5fcd4186a7d979a661b5faed13fde7c1e531811feba2258d4b968ce62529561cb1d1a816123be04758e33579b50815de4b3a8ee62da7b54c7b5a521e9a44047e
- SSDEEP
  
  196608:tU+gmbg3yNQl4Ik+i8I4GA81G+LDadKGa2KOZo45AB+cQN63G8hubGNi:2uol4Iz5G1za9a27ZoAc+cQN63GAi
Score

9^/10

defense_evasion evasion execution impact persistence ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware defense_evasion impact execution
- Disables Task Manager via registry modification
  evasion
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Windows Management Instrumentation

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Resource Development

Reconnaissance

Tasks

static1

behavioral1

defense_evasionevasionexecutionimpactpersistenceransomware