f69a7465654d966d32c834609c8f44975b42d6d8dc145323fc85ef9076daf00c | Triage

Submit
Reports

Overview

overview

Static

static

2024-03-11...er.exe

windows7-x64

9

2024-03-11...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-03-11_e40ec8e6606f9e556621251ea4a91f05_cryptolocker
Size

108KB
Sample

240311-1gh4wafa81
MD5

e40ec8e6606f9e556621251ea4a91f05
SHA1

3a746cc9bcd0e1c6ad8ec4bd65d9715d63a38b84
SHA256

f69a7465654d966d32c834609c8f44975b42d6d8dc145323fc85ef9076daf00c
SHA512

d7ae9578e7b3d32cf4a7660d61132c2c21403a241be0c12e2bae7214ebeb56ac117055da89aeb0e4736050fd8d849c88999a1c359b2d9d359a30f5ede188e20f
SSDEEP

1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalRn5iF1j6GkszfE:1nK6a+qdOOtEvwDpjQ

Score

10^/10

upx

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

2024-03-11_e40ec8e6606f9e556621251ea4a91f05_cryptolocker.exe

Resource

win7-20240220-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-03-11_e40ec8e6606f9e556621251ea4a91f05_cryptolocker.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-11_e40ec8e6606f9e556621251ea4a91f05_cryptolocker
- Size
  
  108KB
- MD5
  
  e40ec8e6606f9e556621251ea4a91f05
- SHA1
  
  3a746cc9bcd0e1c6ad8ec4bd65d9715d63a38b84
- SHA256
  
  f69a7465654d966d32c834609c8f44975b42d6d8dc145323fc85ef9076daf00c
- SHA512
  
  d7ae9578e7b3d32cf4a7660d61132c2c21403a241be0c12e2bae7214ebeb56ac117055da89aeb0e4736050fd8d849c88999a1c359b2d9d359a30f5ede188e20f
- SSDEEP
  
  1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalRn5iF1j6GkszfE:1nK6a+qdOOtEvwDpjQ
Score

9^/10

upx
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy