General
-
Target
Cryptic.zip
-
Size
14.1MB
-
Sample
250218-jvhltszpv9
-
MD5
830a611cd4ae32ba1fad3a1bd3114b89
-
SHA1
373049160c86bef47ab4d5a024ce09eff311b48b
-
SHA256
10627f29effe5b03d5ec51ac8ad6d23116d1dca62bc39cd8014163d57e0ad504
-
SHA512
dad790a69134286fde7540f4dcd4a28b81bab2363e813f4aee5c7345879808e340e82733fb36b543ccfa75adf41c5fca275d8c16cf4aba6e6174f0c7d37b0eb5
-
SSDEEP
393216:A/NNQWhVm54TCbEjMVyaV/UDiQFyrjY9G7LhmQ91:HWm5ZV8TFyrMaLhd
Static task
static1
Behavioral task
behavioral1
Sample
Cryptic.zip
Resource
win11-20250210-en
Behavioral task
behavioral2
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.fingerprint
Resource
win11-20250217-en
Behavioral task
behavioral3
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.json
Resource
win11-20250217-en
Behavioral task
behavioral4
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/protocols.json
Resource
win11-20250217-en
Behavioral task
behavioral5
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/BrowserMetrics-spare.pma
Resource
win11-20250217-en
Behavioral task
behavioral6
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/CertificateRevocation/6498.2024.12.2/crl-set
Resource
win11-20250217-en
Behavioral task
behavioral7
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/CertificateRevocation/6498.2024.12.2/manifest.fingerprint
Resource
win11-20250217-en
Behavioral task
behavioral8
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/CertificateRevocation/6498.2024.12.2/manifest.json
Resource
win11-20250217-en
Behavioral task
behavioral9
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Crashpad/settings.dat
Resource
win11-20250217-en
Behavioral task
behavioral10
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Crashpad/throttle_store.dat
Resource
win11-20250217-en
Behavioral task
behavioral11
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_0
Resource
win11-20250217-en
Behavioral task
behavioral12
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_1
Resource
win11-20250217-en
Behavioral task
behavioral13
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_2
Resource
win11-20250217-en
Behavioral task
behavioral14
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_3
Resource
win11-20250217-en
Behavioral task
behavioral15
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/f_000001
Resource
win11-20250217-en
Behavioral task
behavioral16
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/f_000002
Resource
win11-20250210-en
Behavioral task
behavioral17
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/f_000003
Resource
win11-20250217-en
Behavioral task
behavioral18
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/f_000004
Resource
win11-20250217-en
Behavioral task
behavioral19
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/index
Resource
win11-20250217-en
Behavioral task
behavioral20
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Code Cache/js/index
Resource
win11-20250217-en
Behavioral task
behavioral21
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Code Cache/js/index-dir/the-real-index
Resource
win11-20250217-en
Behavioral task
behavioral22
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Code Cache/wasm/index
Resource
win11-20250217-en
Behavioral task
behavioral23
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Code Cache/wasm/index-dir/the-real-index
Resource
win11-20250217-en
Behavioral task
behavioral24
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DIPS
Resource
win11-20250217-en
Behavioral task
behavioral25
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DawnGraphiteCache/data_0
Resource
win11-20250217-en
Behavioral task
behavioral26
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DawnGraphiteCache/data_1
Resource
win11-20250217-en
Behavioral task
behavioral27
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DawnGraphiteCache/data_2
Resource
win11-20250210-en
Behavioral task
behavioral28
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DawnGraphiteCache/data_3
Resource
win11-20250217-en
Behavioral task
behavioral29
Sample
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DawnGraphiteCache/index
Resource
win11-20250217-en
Behavioral task
behavioral30
Sample
Cryptic Release/Cryptic/CrypticSetup.exe
Resource
win11-20250217-en
Behavioral task
behavioral31
Sample
Cryptic Release/Cryptic/WebView2Loader.dll
Resource
win11-20250217-en
Behavioral task
behavioral32
Sample
Cryptic Release/Cryptic/runtimes/win-x64/native/WebView2Loader.dll
Resource
win11-20250217-en
Malware Config
Targets
-
-
Target
Cryptic.zip
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Downloads MZ/PE file
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.fingerprint
-
Size
66B
-
MD5
0c9218609241dbaa26eba66d5aaf08ab
-
SHA1
31f1437c07241e5f075268212c11a566ceb514ec
-
SHA256
52493422ac4c18918dc91ef5c4d0e50c130ea3aa99915fa542b890a79ea94f2b
-
SHA512
5d25a1fb8d9e902647673975f13d7ca11e1f00f3c19449973d6b466d333198768e777b8cae5becef5c66c9a0c0ef320a65116b5070c66e3b9844461bb0ffa47f
Score
3/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.json
-
Size
134B
-
MD5
58d3ca1189df439d0538a75912496bcf
-
SHA1
99af5b6a006a6929cc08744d1b54e3623fec2f36
-
SHA256
a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437
-
SHA512
afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2
Score
3/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/protocols.json
-
Size
3KB
-
MD5
6bbb18bb210b0af189f5d76a65f7ad80
-
SHA1
87b804075e78af64293611a637504273fadfe718
-
SHA256
01594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c
-
SHA512
4788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d
Score
3/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/BrowserMetrics-spare.pma
-
Size
1.2MB
-
MD5
1045bfd216ae1ae480dd0ef626f5ff39
-
SHA1
377e869bc123602e9b568816b76be600ed03dbd0
-
SHA256
439292e489a0a35e4a3a0fe304ea1a680337243fa53b135aa9310881e1d7e078
-
SHA512
f9f8fcc23fc084af69d7c9abb0ef72c4684ac8ddf7fa6b2028e2f19fd67435f28534c0cf5b17453dfe352437c777d6f71cfe1d6ad3542ad9d636263400908fd2
-
SSDEEP
3::
Score
3/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/CertificateRevocation/6498.2024.12.2/crl-set
-
Size
21KB
-
MD5
846feb52bd6829102a780ec0da74ab04
-
SHA1
dd98409b49f0cd1f9d0028962d7276860579fb54
-
SHA256
124b7eeba31f0e3d9b842a62f3441204beb13fade81da38b854aecba0e03a5b4
-
SHA512
c8759e675506ccc6aa9807798252c7e7c48a0ab31674609738617dc105cee38bce69d4d41d6b95e16731466880b386d35483cbeea6275773f7041ba6e305fae9
-
SSDEEP
384:qt71+UBzeWhU6yVS2Ddc0fp/9yYoIJgWUeJuDzeG0LOsr2h9ltQYX9hVPz/HG1pA:a4GBwVPDdFhVyYoPWUiuXeG0K5dQYXFr
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/CertificateRevocation/6498.2024.12.2/manifest.fingerprint
-
Size
66B
-
MD5
dee9d3bdd016c697d11e370a995e7332
-
SHA1
ef13d667efd507e160de165f4f1fe918fc728ca2
-
SHA256
a84789942c4436967dba5d0ce45a3f6767bcfebf67b951fbef75cca32e9acd96
-
SHA512
1c798ed77fcaccc5ec237cb6618e6425fb7dbbe5f22b2a969b915987fda4be8ecadc265871832f0b7f9b5656433c27f8495eceb16598294fab80e709b2cb3d68
Score
3/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/CertificateRevocation/6498.2024.12.2/manifest.json
-
Size
114B
-
MD5
e6cd92ad3b3ab9cb3d325f3c4b7559aa
-
SHA1
0704d57b52cf55674524a5278ed4f7ba1e19ca0c
-
SHA256
63dfb8d99ce83b3ca282eb697dc76b17b4a48e4065fc7efafb77724739074a9d
-
SHA512
172d5dc107757bb591b9a8ed7f2b48f22b5184d6537572d375801113e294febfbe39077c408e3a04c44e6072427cbe443c6614d205a5a4aa290101722e18f5e8
Score
3/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Crashpad/settings.dat
-
Size
280B
-
MD5
dbb6508011df2fa15230bf629d10b904
-
SHA1
80b518b49593c098a9c84105669816741d9e4d45
-
SHA256
3138bead71e5e2eaa6c59d6aa02f3bdb2635920b0b74f8dec37a0366811292dc
-
SHA512
fb11590d4476b961b385102aff2f60497fd62d3d75dfa4500c858cf8767967a51898a0ee05b2b385e3865e5cc24189744a4a90a3433b87d75479f56c224af6ec
Score
3/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Crashpad/throttle_store.dat
-
Size
20B
-
MD5
9e4e94633b73f4a7680240a0ffd6cd2c
-
SHA1
e68e02453ce22736169a56fdb59043d33668368f
-
SHA256
41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304
-
SHA512
193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337
Score
3/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_0
-
Size
44KB
-
MD5
7090fe042b4283228d3ee7c3eae329c4
-
SHA1
ebd7cb9cdc163240ce0f88ca5ab52240531232f9
-
SHA256
b387bef66718f4d678468b76ed7b5adeb3bf5d728aced4e85c1f31dce5381f14
-
SHA512
aee6da648bf17aaac6e8ca9f89f3f1cc886e6a0f631f1ab74469eadb7ef8119ab822cc9246464aac2ffc38c6afc1ebe0f16070f3aaac64fc57b24deecdef6804
-
SSDEEP
6:/FCYSikN8hflKf8W/9ke+jSH0FNIihaFMrh/pkds2ctAYJ:dbcN8ZlJe+jSU3gaMYJ
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_1
-
Size
264KB
-
MD5
c8a304319a62335ac44fe43e082849ca
-
SHA1
c7848b9c277d7f9de642f51704dbf601631a0e08
-
SHA256
27923a6dfd592905c0345c355d09a47f3100b48d483293cf3a95f4ae850d8034
-
SHA512
9a5bd4aecbd81bd8a730a9088e708543f0ba22b62b4f5ad3a038e48b49c00bcb484eb58b4d50898d904de05a43e0197871054c239a60873a277fe4756a535c26
-
SSDEEP
96:hxDM8MHM+bMRMNM88M+nTtklxn3mJkx/M4W:zDM8MHMmMRMNM88M+nul93U+M4
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_2
-
Size
1.0MB
-
MD5
85cd6c945c3f83847a5c35567c91c639
-
SHA1
a2c539e229014d2387646ba04e804fa2cbf545ef
-
SHA256
a0f3a311ac17a52b1fc191e786a6b8a1375aceb707daee77540a1ea928de9f0d
-
SHA512
f0d4b98b5e48efff305d54bf2c072294b02f48a0aa1c616c77c8fc1f3729a23a4b4892d6f881219cd95056ae5c59827322b2acca4becdb40633af3f3c4eab044
-
SSDEEP
768:D7kWZt7kWvh7kWPg7kWN67kWE7kWV7kWsz7kW:D7ff7fZ7fPg7fY7fE7fV7fsz7f
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_3
-
Size
4.0MB
-
MD5
ac59432923293f406c175da8796f7e8f
-
SHA1
f54d32330e0518213a3a87719d44e4831e2a0257
-
SHA256
0880d441dd3db17a0bbdf04a874419fd7c38eb0027dc3d4851d7fbeb531b9ef3
-
SHA512
340442d70ffef23ff92ed416b7db990326c32473ac9d70c30951fb31dd10bb084c81e1718967755c656445aad36888f1aea38a7b3d1acc8e95bd5abb6f191ea5
-
SSDEEP
768:XRQKjKJJFYPjNTsLOtq71NRaIjbuKB4bHu54:XR3+JJqjmDvbBQv
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/f_000001
-
Size
652KB
-
MD5
88d5ae895846c1d2ec624e844a17762e
-
SHA1
32445fc803b2268843b1f749e75be230759b8473
-
SHA256
caf7f3f0ee03b9c95c91f2b0eb82b4a9717c8cefa0dd46d594104ea3acea4814
-
SHA512
e4184695ad7561ea7b69f17e7df739dfdeb0b0dcd3668c176b244d68ac76930c1f0e8dc7d6175a5e033db2b62aee886610aeffafe5d6acf6bc39e5ae3271eddf
-
SSDEEP
12288:jokkE1E+8TS0HnsImw0gPtWe/CMy27IoNx2y1qwVkf23lHEBfRuZ2tXng:rzE+C/Hns9wbPL/yo2y1qwyRu6Xg
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/f_000002
-
Size
17KB
-
MD5
a43f09a4f027da185fe40cd4de4d47a9
-
SHA1
45f6dfce81a28b2fe2fe65af50a77ed4329f6ed2
-
SHA256
359e08b75ce4a5b981f4ebdcd52502fb1507c9765a0bd95ef546ef5a3b2670ff
-
SHA512
745391f3448d7b639d41978296ce7e3e3c689d064bee0b11c627b216b4eb8ad1da421fcd7c0cd25c168093869424690711db7cb6bc9baa9174fbe971b9f17876
-
SSDEEP
384:df/fW0R8U2CbtoHz/GAVAJfsZpRW6cjPSQrai2ezmZx6o9RaBEOmu8tvb+1g:dPWrUXbKHz+zEpI6cjPSAlz0UEOmu8tN
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Downloads MZ/PE file
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/f_000003
-
Size
82KB
-
MD5
4f201229e5fa965f8ead2ef0e0b9fa00
-
SHA1
8657887eba348d192ad208b6f6e98ad358e90a6a
-
SHA256
3409813999fbe89457af75f7958346869479c75a5b5cc9dfc4fb7ee78c8be049
-
SHA512
fece7e96c035f54dd0c597e5d78230bf16301b5548ef217f8bb84478a350d6fd69165d866cd84ee2c6ca898ef2df9e8c0f71ecd87e6d248aa6ce4b490747ad43
-
SSDEEP
1536:y2XTxS7CvyF32c2CSYAY/osJXwM8QPyfwm6ZjqDQbbxLaEL84Yy1pCKVnATF:yaUevyFmcjMEAQKYPZG+bIEL4yTJ6
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/f_000004
-
Size
36KB
-
MD5
870134e880a679948a82beaf96461154
-
SHA1
20a98dfe97153b6dd76e3be5a0a3db48c5358f93
-
SHA256
f72b8c247085c2dbda14ec0caae5f12c0701547cf8e5e6d677a84cbc62d85494
-
SHA512
1017f04d1a62dc47fda9ef9fd34bdbc4ccefbee40df4ee41e30bee20d7d4ecde1f3a8e749f9409295159da615f00a556114816c88de028edf708afb29bc8caaa
-
SSDEEP
768:SrpCMDcm4pH4tETDfi+Srff6blvqoS6w92qabqUfl:SrrcmWHTnIr6blvqoSFIffl
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Cache/Cache_Data/index
-
Size
512KB
-
MD5
681286bfda866e341ffec0a0a180c95d
-
SHA1
a7fdf0d8f3d60de6fb19bac18e53b6a65c8275d1
-
SHA256
00eacbaddf6db32efc59982b4a9f4dd99d64af1e734629217afa3b46280b9906
-
SHA512
f3999d086994fee75889c593d325e0bfc33e8e64087dbe788bc078ef0bafb9c049f0bbc9b001b920603cf58bf8e602a9a1a1188b0e939482afee93032afa1c8c
-
SSDEEP
3:Ls0lAltlNllnlnpt/lSll/nflXlWlXlpNtlTlwlmNtlHNl/lMNl/l:LscAlX3lnlDg4BPNXuN
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Code Cache/js/index
-
Size
24B
-
MD5
54cb446f628b2ea4a5bce5769910512e
-
SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
-
SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
-
SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Code Cache/js/index-dir/the-real-index
-
Size
48B
-
MD5
fd6df9de246fffcfbe062d2cd3003334
-
SHA1
41df2a28866a29693bf6c7138a9edc05b12d7a2e
-
SHA256
bd850add89b0688b46e82807f5b97df91ffa2d1bac5d99ce46a2ec0cecd28c31
-
SHA512
b1e0959148778d5aa6d750c4a190923169cd0986b6a7a8d4d4fe51658f198c515b5b27195e656ce98eb35a96d736e255d8cadea79ee5c5b171c29d21cbbb722e
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Code Cache/wasm/index
-
Size
24B
-
MD5
54cb446f628b2ea4a5bce5769910512e
-
SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
-
SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
-
SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/Code Cache/wasm/index-dir/the-real-index
-
Size
48B
-
MD5
fd6df9de246fffcfbe062d2cd3003334
-
SHA1
41df2a28866a29693bf6c7138a9edc05b12d7a2e
-
SHA256
bd850add89b0688b46e82807f5b97df91ffa2d1bac5d99ce46a2ec0cecd28c31
-
SHA512
b1e0959148778d5aa6d750c4a190923169cd0986b6a7a8d4d4fe51658f198c515b5b27195e656ce98eb35a96d736e255d8cadea79ee5c5b171c29d21cbbb722e
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DIPS
-
Size
36KB
-
MD5
b954f6e63a0e57e34b36c51f1ff67bdd
-
SHA1
4a6e63c4a047cecdc5ee927ddb8ce65a172678ad
-
SHA256
7a4bdadc9e0593a2b81afc758f1f67958f0ff63c55362e0564372db4d5571920
-
SHA512
f04a00175cdd964342e117634217cfd29ce34516744df35acb1d59e2b4cd0588a3b945d4f846389d84b21f44f92db79916ef596d345a212c0d3d38dea01e44da
-
SSDEEP
48:TEQq3qhmr/O439Y2LNW9WjWbfl4pwU1cuBq:cEmrm439VLNW9WjWbfltuq
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DawnGraphiteCache/data_0
-
Size
8KB
-
MD5
cf89d16bb9107c631daabf0c0ee58efb
-
SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
-
SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
-
SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0
-
SSDEEP
3:MsFl:/F
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DawnGraphiteCache/data_1
-
Size
264KB
-
MD5
47744ec2faa795b5f22ecad3f28b436e
-
SHA1
a4dbdc3f855c532ab8d648da1c52fba4fb8ba4ad
-
SHA256
8b1467fc13340c191894cba58f9157cf2e2f91eef6f921d0b4252a20ab55c720
-
SHA512
f17a5ee60b5419bb4805856ca38512ff5aec6fdd6b37e5ec405d42732262f92a7c8579d126bff928fc5954b959aefe2d230d09892871d2c3e6da2bc9d1b208b9
-
SSDEEP
3:MsEllllkEthXllkl2zExllMwal/:/M/xT02zOe
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DawnGraphiteCache/data_2
-
Size
8KB
-
MD5
0962291d6d367570bee5454721c17e11
-
SHA1
59d10a893ef321a706a9255176761366115bedcb
-
SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
-
SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed
-
SSDEEP
3:MsHlDll:/H
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DawnGraphiteCache/data_3
-
Size
8KB
-
MD5
41876349cb12d6db992f1309f22df3f0
-
SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27
-
SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
-
SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e
-
SSDEEP
3:MsGl3ll:/y
Score
1/10
-
-
Target
Cryptic Release/Cryptic/Cryptic.exe.WebView2/EBWebView/Default/DawnGraphiteCache/index
-
Size
256KB
-
MD5
07fc72eee7fbd6614b24c0999e008978
-
SHA1
e05bb8f15cd8a381b612a14e2b8bea9407012c11
-
SHA256
014523aaab156057df695d08166c944ac67ef6cebd2187c9fd2d96463cddf370
-
SHA512
e856ce20a421b688627a047bf7cbd44e387a37b0a3e5c70c8fa83030121ee3c0fddb9fc36abb7510ba419edf2c7372115f4f87ca35366623533c92841f3dba25
-
SSDEEP
3:LstlNllkll/l+r1:LsX3lEt+r1
Score
1/10
-
-
Target
Cryptic Release/Cryptic/CrypticSetup.exe
-
Size
1.7MB
-
MD5
a64517503adb2a1bb8a2f58ca8a661de
-
SHA1
f8a5a7f0f6a974559e63ec744402a497a45150e2
-
SHA256
11f4f22eabb173d8c37e80a3de3ba1d321805fb6d5adae498c6628145811ef2e
-
SHA512
d2abdecd68535ecb372a53d659e9a90bb219042c48d64627553a5a1e62ce0f9e88cd2bb4a2c41136bf280f1292379b936e1d0055f4111289e60ae64836f1baf3
-
SSDEEP
24576:27FUDowAyrTVE3U5F/jERcabKueSR0eKic6QL3E2vVsjECUAQT45deRV9RUrx:2BuZrEU0Rc8eSR0eKIy029s4C1eH9E
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
Cryptic Release/Cryptic/WebView2Loader.dll
-
Size
162KB
-
MD5
c9a5d0f278d57d83a03404b8baeeac64
-
SHA1
39d44b999c1d89c36136804a373d4d427bc7d679
-
SHA256
462b36fd1be6ca9f7563466a89e57c41ef4a4def3e0a84fa885d203aea4a3aaf
-
SHA512
97dfb08eae34624b7679a4bb07dee242b2a38324dc13b8aaec6de7f6fed477e9f9bc7474d4df9fbe907d1a460723db7177b7128a26edf5bd73d38d4d45722db6
-
SSDEEP
3072:fXAne8TlTRTSpL1ThTNTRyMDjRb/hy75HGRtVBviiZsZ5AalCPTxiEtJx9eg8Xjm:/yTlTRTUL1ThTNTRyeLq1GRtVBvPZsrw
Score
1/10
-
-
Target
Cryptic Release/Cryptic/runtimes/win-x64/native/WebView2Loader.dll
-
Size
162KB
-
MD5
c9a5d0f278d57d83a03404b8baeeac64
-
SHA1
39d44b999c1d89c36136804a373d4d427bc7d679
-
SHA256
462b36fd1be6ca9f7563466a89e57c41ef4a4def3e0a84fa885d203aea4a3aaf
-
SHA512
97dfb08eae34624b7679a4bb07dee242b2a38324dc13b8aaec6de7f6fed477e9f9bc7474d4df9fbe907d1a460723db7177b7128a26edf5bd73d38d4d45722db6
-
SSDEEP
3072:fXAne8TlTRTSpL1ThTNTRyMDjRb/hy75HGRtVBviiZsZ5AalCPTxiEtJx9eg8Xjm:/yTlTRTUL1ThTNTRyeLq1GRtVBvPZsrw
Score
1/10
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
  Active Setup (1)
  Browser Extensions (1)
  Event Triggered Execution (1)
  Component Object Model Hijacking (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
  Active Setup (1)
  Event Triggered Execution (1)
  Component Object Model Hijacking (1)