a729fb3126408d781e0dd2291bb074e9b070b5145823daa3fdabfd0262734b23 | Triage

Sharing

General

Target

a729fb3126408d781e0dd2291bb074e9b070b5145823daa3fdabfd0262734b23
Size

3.0MB
Sample

240529-14g54acf47
MD5

fc3cbdc2dbac3ffbd5adf9a215853c09
SHA1

43dc5c990f1224e70365a6b295cedb4a648bf359
SHA256

a729fb3126408d781e0dd2291bb074e9b070b5145823daa3fdabfd0262734b23
SHA512

1d44ac366e259d98a981cc78bc6f1b42c97602f00070b8b9aec49359a9e4e21107c9894dd1b5712b110f4241f3785b184c8386dbba4af89534371ea0004e9b73
SSDEEP

98304:nA8h1iV9lP9Wp24uD3+s7/ilFH47zSHOrv:nA80P9o24SDWB47zS+v

Score

9^/10

cryptone packer

Malware Config

Targets

- Target
  
  a729fb3126408d781e0dd2291bb074e9b070b5145823daa3fdabfd0262734b23
- Size
  
  3.0MB
- MD5
  
  fc3cbdc2dbac3ffbd5adf9a215853c09
- SHA1
  
  43dc5c990f1224e70365a6b295cedb4a648bf359
- SHA256
  
  a729fb3126408d781e0dd2291bb074e9b070b5145823daa3fdabfd0262734b23
- SHA512
  
  1d44ac366e259d98a981cc78bc6f1b42c97602f00070b8b9aec49359a9e4e21107c9894dd1b5712b110f4241f3785b184c8386dbba4af89534371ea0004e9b73
- SSDEEP
  
  98304:nA8h1iV9lP9Wp24uD3+s7/ilFH47zSHOrv:nA80P9o24SDWB47zS+v
Score

9^/10

cryptone packer
- CryptOne packer
  Detects CryptOne packer defined in NCC blogpost.
  cryptone packer
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2