aa8bf4c7e9aad52c9f572a6533fd0e803383d7c7aeed9a1001217b1795b420dc

Analysis

max time kernel
1s
max time network
27s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
22-10-2023 07:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NEAS.2023-09-06_21dcfc80176f978d097c8f65f1241741_cryptolocker_JC.exe
Size

94KB
MD5

21dcfc80176f978d097c8f65f1241741
SHA1

05318b59f483ebafd1d2c1f9f276d367f9ca1328
SHA256

aa8bf4c7e9aad52c9f572a6533fd0e803383d7c7aeed9a1001217b1795b420dc
SHA512

ba786add2628d4d6bd861c45fa0a52735b84afe840caa9da019c441b34d116f4775460b1fdebcf40598fd9632673eda784824641dacfcdd3eddabba93b74c07b
SSDEEP

1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbbr/BM:z6a+CdOOtEvwDpjcK

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 5 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/4260-0-0x0000000000500000-0x0000000000510000-memory.dmp	upx
behavioral2/files/0x0007000000022e35-13.dat	upx
behavioral2/files/0x0007000000022e35-15.dat	upx
behavioral2/files/0x0007000000022e35-16.dat	upx
behavioral2/memory/4260-18-0x0000000000500000-0x0000000000510000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-06_21dcfc80176f978d097c8f65f1241741_cryptolocker_JC.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-06_21dcfc80176f978d097c8f65f1241741_cryptolocker_JC.exe"
1⤵
PID:4260
- C:\Users\Admin\AppData\Local\Temp\asih.exe
  "C:\Users\Admin\AppData\Local\Temp\asih.exe"
  2⤵
  PID:4708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\asih.exe

Filesize
94KB

MD5
3ebc950685edc59eff87cfa42fa8667c

SHA1
5ed11a432d05827df63e886876234298221c44ed

SHA256
5130bc803da5454afd0d1dc1f1b8497206f3630eff07759f09d8b18a65652ea1

SHA512
f9c4ac7fa491df9233fb880d65723971287145572d21d3bdc1ab4ca78bb29e4e3eaf4cdff2bdbed5ee450ee8f8d1066861d0177990026b96512e349ebad551df

Download Submit
C:\Users\Admin\AppData\Local\Temp\asih.exe

Filesize
94KB

MD5
3ebc950685edc59eff87cfa42fa8667c

SHA1
5ed11a432d05827df63e886876234298221c44ed

SHA256
5130bc803da5454afd0d1dc1f1b8497206f3630eff07759f09d8b18a65652ea1

SHA512
f9c4ac7fa491df9233fb880d65723971287145572d21d3bdc1ab4ca78bb29e4e3eaf4cdff2bdbed5ee450ee8f8d1066861d0177990026b96512e349ebad551df

Download Submit
C:\Users\Admin\AppData\Local\Temp\asih.exe

Filesize
94KB

MD5
3ebc950685edc59eff87cfa42fa8667c

SHA1
5ed11a432d05827df63e886876234298221c44ed

SHA256
5130bc803da5454afd0d1dc1f1b8497206f3630eff07759f09d8b18a65652ea1

SHA512
f9c4ac7fa491df9233fb880d65723971287145572d21d3bdc1ab4ca78bb29e4e3eaf4cdff2bdbed5ee450ee8f8d1066861d0177990026b96512e349ebad551df

Download Submit
memory/4260-0-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download
memory/4260-1-0x0000000000660000-0x0000000000666000-memory.dmp

Filesize
24KB

Download
memory/4260-2-0x0000000000660000-0x0000000000666000-memory.dmp

Filesize
24KB

Download
memory/4260-3-0x00000000006D0000-0x00000000006D6000-memory.dmp

Filesize
24KB

Download
memory/4260-18-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads