5a90df55146dae999268cd3a4c6916c2784c531f572100cda79fda142eeb4135 | Triage

Submit
Reports

Overview

overview

Static

static

2024-05-22...er.exe

windows7-x64

9

2024-05-22...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-05-22_bd7a9a07e997bd4fe01f836fce69daca_cryptolocker
Size

79KB
Sample

240522-c9186ahh54
MD5

bd7a9a07e997bd4fe01f836fce69daca
SHA1

f538ed724282e3463605f5e1c520341fb602dbd3
SHA256

5a90df55146dae999268cd3a4c6916c2784c531f572100cda79fda142eeb4135
SHA512

ea36740010d81676b8b2fb704f23f46f2e32d1e55e5066ecbd874450d6e7f80785caa931877ab4b4c721dfde71a9d630a41b98a03c3ce42a140fd5ba8f57eb72
SSDEEP

1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdxPUxB14n:T6a+rdOOtEvwDpjNtHPJ

Score

10^/10

upx

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

2024-05-22_bd7a9a07e997bd4fe01f836fce69daca_cryptolocker.exe

Resource

win7-20240221-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-22_bd7a9a07e997bd4fe01f836fce69daca_cryptolocker.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-22_bd7a9a07e997bd4fe01f836fce69daca_cryptolocker
- Size
  
  79KB
- MD5
  
  bd7a9a07e997bd4fe01f836fce69daca
- SHA1
  
  f538ed724282e3463605f5e1c520341fb602dbd3
- SHA256
  
  5a90df55146dae999268cd3a4c6916c2784c531f572100cda79fda142eeb4135
- SHA512
  
  ea36740010d81676b8b2fb704f23f46f2e32d1e55e5066ecbd874450d6e7f80785caa931877ab4b4c721dfde71a9d630a41b98a03c3ce42a140fd5ba8f57eb72
- SSDEEP
  
  1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdxPUxB14n:T6a+rdOOtEvwDpjNtHPJ
Score

9^/10

upx
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy