Overview

overview

10

Static

static

10

virus.zip

windows7-x64

10

virus.zip

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    virus.zip

  • Size

    17.2MB

  • Sample

    240915-k6gdkswcqh

  • MD5

    08fdbf17d1288af24e2ab492e6d27dca

  • SHA1

    a7c8822cf5ed6a455a1e755422355a9e63dfb037

  • SHA256

    3c50ef708fd72b96187e91c30cd80fb3eddd8cc6530e1e81dfaefbe6bc50ef34

  • SHA512

    7dc1156f5b26612bf1d05a089f0e1344f5a1bc9d7a4927f504fbf395cfc295507553934d33f19cbaf1c7b2de1080ea30f6013dadc905b6bd464bf99a2c367e39

  • SSDEEP

    393216:2UwzvsTsjqXVhqNsnhtlZeRjPLRmh/eDaXxUGZaH4:2UwbsTSqTq6nl4mh/eDzH4

Score
10/10
cyratdiscoverypyinstallerransomware

Malware Config

Targets

    • Target

      virus.zip

    • Size

      17.2MB

    • MD5

      08fdbf17d1288af24e2ab492e6d27dca

    • SHA1

      a7c8822cf5ed6a455a1e755422355a9e63dfb037

    • SHA256

      3c50ef708fd72b96187e91c30cd80fb3eddd8cc6530e1e81dfaefbe6bc50ef34

    • SHA512

      7dc1156f5b26612bf1d05a089f0e1344f5a1bc9d7a4927f504fbf395cfc295507553934d33f19cbaf1c7b2de1080ea30f6013dadc905b6bd464bf99a2c367e39

    • SSDEEP

      393216:2UwzvsTsjqXVhqNsnhtlZeRjPLRmh/eDaXxUGZaH4:2UwbsTSqTq6nl4mh/eDzH4

    Score
    10/10
    cyratdiscoverypyinstallerransomware

    • Cyrat Ransomware

      Python-based ransomware which encrypts files using the Fernet library.

      ransomwarecyrat

    • Cyrat executable

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks