71965a8faa41b2b9ccf32ef6412d188e37ff77d3f5e84b2e7b2352c33a6cb720

Analysis

max time kernel
1s
max time network
10s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
06-08-2023 15:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8dadd493157ea26aa1ec69fbc707ce6b_cryptolocker_JC.exe
Size

29KB
MD5

8dadd493157ea26aa1ec69fbc707ce6b
SHA1

9b1e3415be01d73af2ffef2de971daca7abb048f
SHA256

71965a8faa41b2b9ccf32ef6412d188e37ff77d3f5e84b2e7b2352c33a6cb720
SHA512

86714380931b139c4db7a7a8088b459f10bff9bea6640a94efb56de9925c0ed8ecf66bd19ab2069cd7470527874f0847deb3a671e5dfbe011e319e1449e75121
SSDEEP

768:q0ZziOWwULueOSdE8tOOtEvwDpjeW01FBz:q0zizzOSxMOtEvwDpj/01Dz

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\8dadd493157ea26aa1ec69fbc707ce6b_cryptolocker_JC.exe
"C:\Users\Admin\AppData\Local\Temp\8dadd493157ea26aa1ec69fbc707ce6b_cryptolocker_JC.exe"
1⤵
PID:1824
- C:\Users\Admin\AppData\Local\Temp\asih.exe
  "C:\Users\Admin\AppData\Local\Temp\asih.exe"
  2⤵
  PID:3284

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\asih.exe

Filesize
29KB

MD5
7e0f5c3a092b4f9b326b2de43aa8723e

SHA1
00f8eb48383b353bff0382791787e87a6677f644

SHA256
1670d62966806d8dd0822561d56556567c382b2db0ffc9b1a6943744df14574b

SHA512
378cfbdd6653ab944bd9c36d13858f5dbc4438266c73e11648c2419baf501c3fd7e25cb7a6723e774fcb402890951267ed1825f654adf4b3cdf8c8f4dfe383b0

Download Submit
C:\Users\Admin\AppData\Local\Temp\asih.exe

Filesize
29KB

MD5
7e0f5c3a092b4f9b326b2de43aa8723e

SHA1
00f8eb48383b353bff0382791787e87a6677f644

SHA256
1670d62966806d8dd0822561d56556567c382b2db0ffc9b1a6943744df14574b

SHA512
378cfbdd6653ab944bd9c36d13858f5dbc4438266c73e11648c2419baf501c3fd7e25cb7a6723e774fcb402890951267ed1825f654adf4b3cdf8c8f4dfe383b0

Download Submit
C:\Users\Admin\AppData\Local\Temp\asih.exe

Filesize
29KB

MD5
7e0f5c3a092b4f9b326b2de43aa8723e

SHA1
00f8eb48383b353bff0382791787e87a6677f644

SHA256
1670d62966806d8dd0822561d56556567c382b2db0ffc9b1a6943744df14574b

SHA512
378cfbdd6653ab944bd9c36d13858f5dbc4438266c73e11648c2419baf501c3fd7e25cb7a6723e774fcb402890951267ed1825f654adf4b3cdf8c8f4dfe383b0

Download Submit
memory/1824-133-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download
memory/1824-134-0x00000000004D0000-0x00000000004D6000-memory.dmp

Filesize
24KB

Download
memory/1824-135-0x00000000004D0000-0x00000000004D6000-memory.dmp

Filesize
24KB

Download
memory/1824-136-0x00000000004F0000-0x00000000004F6000-memory.dmp

Filesize
24KB

Download
memory/1824-150-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download