469d4e89f59838b6e4fb6929d2ae080193d615162ddeb20a36a2cf4f0729c751 | Triage

Submit
Reports

Overview

overview

Static

static

2024-04-15...er.exe

windows7-x64

9

2024-04-15...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-15_a58e1024c11ef9755a000d4ae584a653_cryptolocker
Size

48KB
Sample

240415-n3ay6sga8x
MD5

a58e1024c11ef9755a000d4ae584a653
SHA1

f69558306c5021b485964799f6bbe03909b4bc1b
SHA256

469d4e89f59838b6e4fb6929d2ae080193d615162ddeb20a36a2cf4f0729c751
SHA512

24afa841337b719b6d1be44f51ee6236293cf05ddd42edfa18b231328e7c7b4a97336b0419def4ed342f44ce87afd8fdd927a14cc5ff25c3d0e6be9e60191619
SSDEEP

768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2Mocx:qmbhXDmjr5MOtEvwDpj5cDtKkQZQE

Score

10^/10

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-04-15_a58e1024c11ef9755a000d4ae584a653_cryptolocker.exe

Resource

win7-20240319-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-15_a58e1024c11ef9755a000d4ae584a653_cryptolocker.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-15_a58e1024c11ef9755a000d4ae584a653_cryptolocker
- Size
  
  48KB
- MD5
  
  a58e1024c11ef9755a000d4ae584a653
- SHA1
  
  f69558306c5021b485964799f6bbe03909b4bc1b
- SHA256
  
  469d4e89f59838b6e4fb6929d2ae080193d615162ddeb20a36a2cf4f0729c751
- SHA512
  
  24afa841337b719b6d1be44f51ee6236293cf05ddd42edfa18b231328e7c7b4a97336b0419def4ed342f44ce87afd8fdd927a14cc5ff25c3d0e6be9e60191619
- SSDEEP
  
  768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2Mocx:qmbhXDmjr5MOtEvwDpj5cDtKkQZQE
Score

9^/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy