cerber | eb04c7fde0ba573eae3e9307a3c91613e2eb4c41e97e0ad7a3979d2ac0e1dff1 | Triage

Submit
Reports

Overview

overview

Static

static

3

larksharp.exe

windows7-x64

7

larksharp.exe

windows10-2004-x64

Sharing

General

Target

larksharp.exe
Size

10.0MB
Sample

241026-3ahwms1fnp
MD5

1e61aac32833d7e38884ae4df8e9748e
SHA1

b2f17de7878360c69f6c103cfb0d2f77c530cd39
SHA256

eb04c7fde0ba573eae3e9307a3c91613e2eb4c41e97e0ad7a3979d2ac0e1dff1
SHA512

947758430b35760ac87cacf9ba42c04b13628b67c9ce1bd866cb362021537f10f99869c73c62cbf7cf177fa2da285ebce11e23688e79eda22b157fa47ef9bd01
SSDEEP

196608:v6Dg6CsXDjDVdJolpPgToa10/inHu7eu0jr5MJLheXAxFg6XVnZ+YtlBGFOnJBDP:SE6CED/J83a10anHKeT/5QKAHBlZ7l4C

Score

10^/10

cerber pyinstaller ransomware

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

larksharp.exe

Resource

win7-20240708-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

larksharp.exe

Resource

win10v2004-20241007-en

cerber ransomware

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  larksharp.exe
- Size
  
  10.0MB
- MD5
  
  1e61aac32833d7e38884ae4df8e9748e
- SHA1
  
  b2f17de7878360c69f6c103cfb0d2f77c530cd39
- SHA256
  
  eb04c7fde0ba573eae3e9307a3c91613e2eb4c41e97e0ad7a3979d2ac0e1dff1
- SHA512
  
  947758430b35760ac87cacf9ba42c04b13628b67c9ce1bd866cb362021537f10f99869c73c62cbf7cf177fa2da285ebce11e23688e79eda22b157fa47ef9bd01
- SSDEEP
  
  196608:v6Dg6CsXDjDVdJolpPgToa10/inHu7eu0jr5MJLheXAxFg6XVnZ+YtlBGFOnJBDP:SE6CED/J83a10anHKeT/5QKAHBlZ7l4C
Score

10^/10

pyinstaller cerber ransomware
- Cerber
  Cerber is a widely used ransomware-as-a-service (RaaS), first seen in 2017.
  ransomware cerber
- Cerber family
  cerber
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cerberransomware

© 2018-2024

Terms | Privacy