Overview

overview

8

Static

static

8

2022-11-23...er.exe

windows7-x64

8

2022-11-23...er.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2022-11-23_a7d6cbd797c6bd2f4970d56cca4cc167_cryptolocker

  • Size

    118KB

  • Sample

    221123-xal1eaed47

  • MD5

    a7d6cbd797c6bd2f4970d56cca4cc167

  • SHA1

    147b8a116d91e65f43a4b92d0e67aed3d4d3b783

  • SHA256

    9829307f77d68c84080869f6e8f989ca7d42591df8ce31e3d60f9105365b8698

  • SHA512

    2e649394cc91a1647bc30b37e1aa8f06d39d277461f3608b0372b926f8069ed030c48b9214d737e8a6b051584ecc3182051d3e909404e3e08a4f6e598e123289

  • SSDEEP

    1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbN/PKwNgp69p:z6a+CdOOtEvwDpjcz/

Score
8/10
upx

Malware Config

Targets

    • Target

      2022-11-23_a7d6cbd797c6bd2f4970d56cca4cc167_cryptolocker

    • Size

      118KB

    • MD5

      a7d6cbd797c6bd2f4970d56cca4cc167

    • SHA1

      147b8a116d91e65f43a4b92d0e67aed3d4d3b783

    • SHA256

      9829307f77d68c84080869f6e8f989ca7d42591df8ce31e3d60f9105365b8698

    • SHA512

      2e649394cc91a1647bc30b37e1aa8f06d39d277461f3608b0372b926f8069ed030c48b9214d737e8a6b051584ecc3182051d3e909404e3e08a4f6e598e123289

    • SSDEEP

      1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbN/PKwNgp69p:z6a+CdOOtEvwDpjcz/

    Score
    8/10
    upx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks