da3891acb46d6b07626521bb2945ccd2ddabb99d166b2e9aa639fa5e18f37732 | Triage

Submit
Reports

Overview

overview

Static

static

2024-05-03...er.exe

windows7-x64

9

2024-05-03...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-03_b7598c62a541318c6dbf38199064c05c_cryptolocker
Size

41KB
Sample

240503-fd4k7afd8w
MD5

b7598c62a541318c6dbf38199064c05c
SHA1

4ec88a48dac85e49dfee4f4f80980c7a5157f3f5
SHA256

da3891acb46d6b07626521bb2945ccd2ddabb99d166b2e9aa639fa5e18f37732
SHA512

592d71cd90924ce2ce96b201da41c988f6d47ca10666affb54c4a62301df45c66ce0f20846aa81ef0205c2246752c45d6b083d9d45211d99b5347cd1c1db0f61
SSDEEP

384:ba74uGLLQRcsdeQ72ngEr4K7YmE8j6CQYnrz1ZhdaXFXSCVQTLfjDpXqxKHTG:ba74zYcgT/EkdCQgpwXFXSqQXfj0xKi

Score

10^/10

upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

2024-05-03_b7598c62a541318c6dbf38199064c05c_cryptolocker.exe

Resource

win7-20240215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-03_b7598c62a541318c6dbf38199064c05c_cryptolocker.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-03_b7598c62a541318c6dbf38199064c05c_cryptolocker
- Size
  
  41KB
- MD5
  
  b7598c62a541318c6dbf38199064c05c
- SHA1
  
  4ec88a48dac85e49dfee4f4f80980c7a5157f3f5
- SHA256
  
  da3891acb46d6b07626521bb2945ccd2ddabb99d166b2e9aa639fa5e18f37732
- SHA512
  
  592d71cd90924ce2ce96b201da41c988f6d47ca10666affb54c4a62301df45c66ce0f20846aa81ef0205c2246752c45d6b083d9d45211d99b5347cd1c1db0f61
- SSDEEP
  
  384:ba74uGLLQRcsdeQ72ngEr4K7YmE8j6CQYnrz1ZhdaXFXSCVQTLfjDpXqxKHTG:ba74zYcgT/EkdCQgpwXFXSqQXfj0xKi
Score

9^/10

upx
- Detection of CryptoLocker Variants
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy