0ae4cbb168f11f77bcb95619a22dab15d0e7c1ea647283eee7c5ed40f3c16998 | Triage

Submit
Reports

Overview

overview

Static

static

2024-05-07...er.exe

windows7-x64

9

2024-05-07...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-05-07_0dd7e12449c2d3e08d66cbf90a9d0d1e_cryptolocker
Size

88KB
Sample

240507-dxc68sah47
MD5

0dd7e12449c2d3e08d66cbf90a9d0d1e
SHA1

c2bd65ed20190c5a69729205550fea464f10bde4
SHA256

0ae4cbb168f11f77bcb95619a22dab15d0e7c1ea647283eee7c5ed40f3c16998
SHA512

0a7c4c2681c29eaab155808e1fd40b556b22170105108af4ef833b698a5f1429bdb30f5710d34eeb0a9ee67b991c034cf5dac21c884f03ddd5544bc16b4113c7
SSDEEP

768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIOD2:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgk

Score

10^/10

upx

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

2024-05-07_0dd7e12449c2d3e08d66cbf90a9d0d1e_cryptolocker.exe

Resource

win7-20240221-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-07_0dd7e12449c2d3e08d66cbf90a9d0d1e_cryptolocker.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-07_0dd7e12449c2d3e08d66cbf90a9d0d1e_cryptolocker
- Size
  
  88KB
- MD5
  
  0dd7e12449c2d3e08d66cbf90a9d0d1e
- SHA1
  
  c2bd65ed20190c5a69729205550fea464f10bde4
- SHA256
  
  0ae4cbb168f11f77bcb95619a22dab15d0e7c1ea647283eee7c5ed40f3c16998
- SHA512
  
  0a7c4c2681c29eaab155808e1fd40b556b22170105108af4ef833b698a5f1429bdb30f5710d34eeb0a9ee67b991c034cf5dac21c884f03ddd5544bc16b4113c7
- SSDEEP
  
  768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIOD2:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgk
Score

9^/10

upx
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy