Analysis
-
max time kernel
1s -
max time network
6s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system -
submitted
05-04-2024 06:38
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-05_be95890987b379e4f612dc8d7e6eb01f_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-05_be95890987b379e4f612dc8d7e6eb01f_cryptolocker.exe
Resource
win10v2004-20240226-en
General
-
Target
2024-04-05_be95890987b379e4f612dc8d7e6eb01f_cryptolocker.exe
-
Size
54KB
-
MD5
be95890987b379e4f612dc8d7e6eb01f
-
SHA1
3bc98255c86471163c5d200527d236d04b3f633b
-
SHA256
4dd304e23bd4138162c154c951737652b6d89a6fb6377ece151d598b38be8bc9
-
SHA512
f9beefbb3893121543ad4a0cbecb4e721b5f1ce81a29d4d2f3018015dc355b17f35faf738c92ca2a7fc71764d20af437bced788429314990ac145ee0bb0f6f85
-
SSDEEP
768:X6LsoEEeegiZPvEhHSG+gp/BtOOtEvwDpjBVaD3E09vaTiSfQaV2Lq:X6QFElP6n+gJBMOtEvwDpjBtE1yILq
Malware Config
Signatures
-
Detection of CryptoLocker Variants 1 IoCs
resource yara_rule behavioral2/files/0x0007000000023225-12.dat CryptoLocker_rule2 -
Detection of Cryptolocker Samples 1 IoCs
resource yara_rule behavioral2/files/0x0007000000023225-12.dat CryptoLocker_set1 -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-05_be95890987b379e4f612dc8d7e6eb01f_cryptolocker.exe "C:\Users\Admin\AppData\Local\Temp\2024-04-05_be95890987b379e4f612dc8d7e6eb01f_cryptolocker.exe" 1⤵ PID:4304
-
C:\Users\Admin\AppData\Local\Temp\asih.exe "C:\Users\Admin\AppData\Local\Temp\asih.exe" 2⤵ PID:4456
-
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
54KB
MD5
b027450422f007ad676abedfb4207aa4
SHA1
221e1ea858484495d6cbd6f8bde1f94b3dedf9e4
SHA256
f00b5d0214dd265572005c193e2d5f68de3abd553778ae48dffda4b5bc71152d
SHA512
c1a6ea52f0e6bc5c59a86a54a6f749cd241784355cfc1f3ba943f2f8fc20b420a6430cd38c33ef2b357d1941eda6d7429c2950b2e87a212b22912d0d1f09a6ce