Overview

overview

10

Static

static

3

cracutor1....it.dll

windows11-21h2-x64

1

cracutor1....ne.exe

windows11-21h2-x64

3

cracutor1....er.bat

windows11-21h2-x64

10

cracutor1....ity.js

windows11-21h2-x64

3

cracutor1....or.bat

windows11-21h2-x64

10

Analysis

  • max time kernel
    44s
  • max time network
    22s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    24-05-2024 13:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cracutor1.0/cracutor (1)/Neptune.exe

  • Size

    2.0MB

  • MD5

    03d0c69e31fd77718e661722361c0a5c

  • SHA1

    04e02539771963a628477f6546be48d2d912a612

  • SHA256

    255834540df95d84167a197acc6e70d9b80baa5dc15ddb16060508be498f1e78

  • SHA512

    94ed7ee2ad72a4b80fc9121483c5b95ad2a1036b3a20f60499d59cc1255635bcade467952b828a3b27415ddd799c8b3a89476bc0f34726292f6632249fa0d986

  • SSDEEP

    49152:DBg2KouMMLSgIOiJgX+JvYLF1ESGbYGcJcDKbw:djKouMaXc4F1cmuDKb

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cracutor1.0\cracutor (1)\Neptune.exe
    "C:\Users\Admin\AppData\Local\Temp\cracutor1.0\cracutor (1)\Neptune.exe"
    1⤵
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    PID:224

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
    Filesize

    14KB

    MD5

    34fe211b755c50ec075e83f32c8e6e51

    SHA1

    7f9f7f2ddf232888ae98fe4ecb74c8c9061c1bfd

    SHA256

    6bcce1ad1ad18cd511313d83989ad7b0fa73f485c79cf08b91879f7f5e3efe06

    SHA512

    efa124e6fae6ba0036fcf56af4ce42b967b887b6c5ff156e9ed87efd2f7afa13819631d1739e177b27904af0e4bd9adbdfa994483cfeac15baed6de4cbbaff76

    Download Submit
  • memory/224-6-0x00000000064F0000-0x0000000006582000-memory.dmp
    Filesize

    584KB

    Download
  • memory/224-9-0x0000000005EA0000-0x0000000005EAE000-memory.dmp
    Filesize

    56KB

    Download
  • memory/224-3-0x00000000746D0000-0x0000000074E81000-memory.dmp
    Filesize

    7.7MB

    Download
  • memory/224-4-0x0000000005F40000-0x00000000064E6000-memory.dmp
    Filesize

    5.6MB

    Download
  • memory/224-5-0x0000000005A30000-0x0000000005ACE000-memory.dmp
    Filesize

    632KB

    Download
  • memory/224-0-0x00000000746DE000-0x00000000746DF000-memory.dmp
    Filesize

    4KB

    Download
  • memory/224-7-0x0000000005E80000-0x0000000005E88000-memory.dmp
    Filesize

    32KB

    Download
  • memory/224-2-0x00000000746D0000-0x0000000074E81000-memory.dmp
    Filesize

    7.7MB

    Download
  • memory/224-8-0x0000000005ED0000-0x0000000005F08000-memory.dmp
    Filesize

    224KB

    Download
  • memory/224-1-0x0000000000BC0000-0x0000000000DBE000-memory.dmp
    Filesize

    2.0MB

    Download
  • memory/224-17-0x00000000746DE000-0x00000000746DF000-memory.dmp
    Filesize

    4KB

    Download
  • memory/224-21-0x00000000746D0000-0x0000000074E81000-memory.dmp
    Filesize

    7.7MB

    Download
  • memory/224-22-0x00000000746D0000-0x0000000074E81000-memory.dmp
    Filesize

    7.7MB

    Download
  • memory/224-23-0x00000000746D0000-0x0000000074E81000-memory.dmp
    Filesize

    7.7MB

    Download