e2c25b719c0f9a6bd10dc42dd2db7314a7a476be1df36a6b0d1cc440193fe60b | Triage

Submit
Reports

Overview

overview

Static

static

2024-04-26...er.exe

windows7-x64

9

2024-04-26...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-04-26_de7c3a59e723220b86dc267ebd2d1ef7_cryptolocker
Size

93KB
Sample

240426-3t7zwafe5v
MD5

de7c3a59e723220b86dc267ebd2d1ef7
SHA1

88ead96eec1a31778fb63414c49141658337aa17
SHA256

e2c25b719c0f9a6bd10dc42dd2db7314a7a476be1df36a6b0d1cc440193fe60b
SHA512

34765bebddd299064d81106ecc0f902a5a96a01adc7d2862170fdb7195f59e775e2b71aef65960d2d2de2147a70535b4bb81dd8ca03feb1203349403c06f3cc2
SSDEEP

1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp0+v:AnBdOOtEvwDpj6zM

Score

10^/10

upx

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

2024-04-26_de7c3a59e723220b86dc267ebd2d1ef7_cryptolocker.exe

Resource

win7-20240221-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-26_de7c3a59e723220b86dc267ebd2d1ef7_cryptolocker.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-26_de7c3a59e723220b86dc267ebd2d1ef7_cryptolocker
- Size
  
  93KB
- MD5
  
  de7c3a59e723220b86dc267ebd2d1ef7
- SHA1
  
  88ead96eec1a31778fb63414c49141658337aa17
- SHA256
  
  e2c25b719c0f9a6bd10dc42dd2db7314a7a476be1df36a6b0d1cc440193fe60b
- SHA512
  
  34765bebddd299064d81106ecc0f902a5a96a01adc7d2862170fdb7195f59e775e2b71aef65960d2d2de2147a70535b4bb81dd8ca03feb1203349403c06f3cc2
- SSDEEP
  
  1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp0+v:AnBdOOtEvwDpj6zM
Score

9^/10

upx
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy