3e702f12da937c13c5983c4b9293d3ba2864e39dc23a4f0244b84fd75f797456 | Triage

Submit
Reports

Overview

overview

Static

static

2024-05-13...er.exe

windows7-x64

9

2024-05-13...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-13_81f60aeddd95d659620c4db9e472362e_cryptolocker
Size

51KB
Sample

240513-1cmlhaed9t
MD5

81f60aeddd95d659620c4db9e472362e
SHA1

d5bf933b10a95436a94d2a28bfa122f672bcc37b
SHA256

3e702f12da937c13c5983c4b9293d3ba2864e39dc23a4f0244b84fd75f797456
SHA512

7bf452b3c928a11b954afbda7df2a25a4ef0c7c6eae9672b82f39871a24de8441fe66e180ecbccb23bd3cc8c83f8eea946b6dcf8a57b0589e89ebebdfb714dc9
SSDEEP

768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoccH:qmbhXDmjr5MOtEvwDpj5cDtKkQZQzt

Score

10^/10

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-05-13_81f60aeddd95d659620c4db9e472362e_cryptolocker.exe

Resource

win7-20240220-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-13_81f60aeddd95d659620c4db9e472362e_cryptolocker.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-13_81f60aeddd95d659620c4db9e472362e_cryptolocker
- Size
  
  51KB
- MD5
  
  81f60aeddd95d659620c4db9e472362e
- SHA1
  
  d5bf933b10a95436a94d2a28bfa122f672bcc37b
- SHA256
  
  3e702f12da937c13c5983c4b9293d3ba2864e39dc23a4f0244b84fd75f797456
- SHA512
  
  7bf452b3c928a11b954afbda7df2a25a4ef0c7c6eae9672b82f39871a24de8441fe66e180ecbccb23bd3cc8c83f8eea946b6dcf8a57b0589e89ebebdfb714dc9
- SSDEEP
  
  768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoccH:qmbhXDmjr5MOtEvwDpj5cDtKkQZQzt
Score

9^/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy