48ecd13e3f5625c13757000433d75c4979169b231c1ad77b7ccd2661dcb340ac | Triage

Analysis

max time kernel
1s
max time network
6s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
24/08/2023, 19:11

Sharing

Report Analysis Logs

General

Target

8ae443393e5a4ab13558b6a0498e9836_cryptolocker_JC.exe
Size

86KB
MD5

8ae443393e5a4ab13558b6a0498e9836
SHA1

27c1fa7fa568fb6d1fc2d9d192040e0cca675d60
SHA256

48ecd13e3f5625c13757000433d75c4979169b231c1ad77b7ccd2661dcb340ac
SHA512

adfcb1386482f463aa2722dab4a31b9a952318ef4cb6d7049114ba5876f88427840546f04f4c601ec60ddb19acff4330688c4a7e3e21cfbe65597a2511712c1f
SSDEEP

1536:vj+jsMQMOtEvwDpj5H8u8rBN6nqEZNieRpW:vCjsIOtEvwDpj5H8zPn

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\8ae443393e5a4ab13558b6a0498e9836_cryptolocker_JC.exe
"C:\Users\Admin\AppData\Local\Temp\8ae443393e5a4ab13558b6a0498e9836_cryptolocker_JC.exe"
1⤵
PID:4832
- C:\Users\Admin\AppData\Local\Temp\misid.exe
  "C:\Users\Admin\AppData\Local\Temp\misid.exe"
  2⤵
  PID:4736

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\misid.exe

Filesize
86KB

MD5
e6e97fc4034e34e8dbb0e305fcbc7cae

SHA1
9f3e99c91215a108f0f9da227e96aaeaa2920b45

SHA256
d37f2d8cf76545ae531a9c060a399db7acf4dcbc47316cf6e0bc488784d5bce8

SHA512
bbe093020321b6ff830a4d419cdfde4043f6a980f0f7d15ae0d395b70cf98c9cfe6bb16a2b161d8b096f74e40924af965259b68272a01dcdc29911f69788f307

Download Submit
C:\Users\Admin\AppData\Local\Temp\misid.exe

Filesize
86KB

MD5
e6e97fc4034e34e8dbb0e305fcbc7cae

SHA1
9f3e99c91215a108f0f9da227e96aaeaa2920b45

SHA256
d37f2d8cf76545ae531a9c060a399db7acf4dcbc47316cf6e0bc488784d5bce8

SHA512
bbe093020321b6ff830a4d419cdfde4043f6a980f0f7d15ae0d395b70cf98c9cfe6bb16a2b161d8b096f74e40924af965259b68272a01dcdc29911f69788f307

Download Submit
C:\Users\Admin\AppData\Local\Temp\misid.exe

Filesize
86KB

MD5
e6e97fc4034e34e8dbb0e305fcbc7cae

SHA1
9f3e99c91215a108f0f9da227e96aaeaa2920b45

SHA256
d37f2d8cf76545ae531a9c060a399db7acf4dcbc47316cf6e0bc488784d5bce8

SHA512
bbe093020321b6ff830a4d419cdfde4043f6a980f0f7d15ae0d395b70cf98c9cfe6bb16a2b161d8b096f74e40924af965259b68272a01dcdc29911f69788f307

Download Submit
memory/4832-0-0x00000000021C0000-0x00000000021C6000-memory.dmp

Filesize
24KB

Download
memory/4832-1-0x00000000021C0000-0x00000000021C6000-memory.dmp

Filesize
24KB

Download
memory/4832-2-0x0000000002040000-0x0000000002046000-memory.dmp

Filesize
24KB

Download