4b5795f774f163b378528dbe6c7f5f0cd800954f7d1a77faf0454980ffbd8ff2

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
31/10/2023, 17:17

Target

NEAS.2023-09-07_3b52079fdf76114d00c4dcc50bf97720_cryptolocker_JC.exe
Size

64KB
MD5

3b52079fdf76114d00c4dcc50bf97720
SHA1

593a860657eac17952e98459d2f00c6bfa2275f7
SHA256

4b5795f774f163b378528dbe6c7f5f0cd800954f7d1a77faf0454980ffbd8ff2
SHA512

4ceed2a2b275fee706ea1384378542c1d0a10dc075ea04921b695ce7e8669e1e741866d1077d93753332674308205f60503c9e1c8ae26b9460519a3e37864a64
SSDEEP

768:T6LsoEEeegiZPvEhHSG+gZJMum/kLyMro2GtOOtEvwDpjh:T6QFElP6n+gZJZmddpMOtEvwDpj

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1208-0-0x0000000000500000-0x0000000000510000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-07_3b52079fdf76114d00c4dcc50bf97720_cryptolocker_JC.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-07_3b52079fdf76114d00c4dcc50bf97720_cryptolocker_JC.exe"
1⤵
PID:1208

memory/1208-0-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download