15b87c4c81d0083e7b57a1c73e1fa0dfe37f8ad78da1d58caa2c92a5f0f6ac54

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 15:32

Target

2024-01-25_52a0922c0d3d6dc306696e3d8600aad2_cryptolocker.exe
Size

60KB
MD5

52a0922c0d3d6dc306696e3d8600aad2
SHA1

1240d780178902fe0a5a271991a1c29f21367f97
SHA256

15b87c4c81d0083e7b57a1c73e1fa0dfe37f8ad78da1d58caa2c92a5f0f6ac54
SHA512

3d2a48aaa39286128f85e4bde00862f95fec7f631e39d25681ea8dc8fe9e07353e93b36bf174a04e9bb9c1896788e3f3bee02a32f4fca29de919b24ed7ca12b5
SSDEEP

768:P8mnjO6LsoEEeegiZPvEhHSG+g1Mum/kLyMro2GtOOtEvwDpjK:P8mnK6QFElP6n+g1ZmddpMOtEvwDpj

Score

9^/10

upx

UPX dump on OEP (original entry point) 1 IoCs

Processes:

resource	yara_rule
behavioral1/memory/1392-0-0x0000000000500000-0x000000000050F311-memory.dmp	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral1/memory/1392-0-0x0000000000500000-0x000000000050F311-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\2024-01-25_52a0922c0d3d6dc306696e3d8600aad2_cryptolocker.exe
"C:\Users\Admin\AppData\Local\Temp\2024-01-25_52a0922c0d3d6dc306696e3d8600aad2_cryptolocker.exe"
1⤵
PID:1392

memory/1392-0-0x0000000000500000-0x000000000050F311-memory.dmp

Filesize
60KB

Download