Overview

overview

9

Static

static

3

Cryptic.exe

windows7-x64

9

Cryptic.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05/10/2024, 03:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Cryptic.exe

  • Size

    15KB

  • MD5

    5b3ed1f3b340771117a4621025d3bae7

  • SHA1

    7d164884563743ec14e4e31786cce113933f3443

  • SHA256

    127778539498bcda13ef8df6942e2ec8c4eddc40b366e169f840b71841f3165d

  • SHA512

    3e7c340eb19d63359861a7eb5da44635d092cd0c95b0234cda38692578e5a337b736340fa874a80c32d4c734f3820d0f8e5dc57355eb45e15c6c9d632e67150e

  • SSDEEP

    384:Y2gv+y7tAOtn/uMgzDCKsidHZHVW2hvptYcFA/Vc03K:Yr+yqOxGdDEiFZHs2hBtYcFA/Vc6K

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (144) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\Cryptic.exe
    "C:\Users\Admin\AppData\Local\Temp\Cryptic.exe"
    1⤵
      PID:3040

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3040-0-0x000007FEF5263000-0x000007FEF5264000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3040-1-0x000000013F8E0000-0x000000013F8E8000-memory.dmp

      Filesize

      32KB

      Download

    • memory/3040-2-0x000007FEF5260000-0x000007FEF5C4C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/3040-157-0x000007FEF5263000-0x000007FEF5264000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3040-158-0x000007FEF5260000-0x000007FEF5C4C000-memory.dmp

      Filesize

      9.9MB

      Download