dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d | Triage

Submit
Reports

Overview

overview

Static

static

dd32a8393e...1d.exe

windows7-x64

9

dd32a8393e...1d.exe

windows10-2004-x64

9

Sharing

General

Target

dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d
Size

39KB
Sample

240524-etkbtacg7t
MD5

820ac1958f78f9b7d0f517548553da87
SHA1

3f67a90ad07818ff3c05befb21e0e7828bbdde57
SHA256

dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d
SHA512

369cbec5abf5ac1bb9cd0d01b20c91af3cce307235f2ad9a0da663834a15b994405151d918f4f48c37edb2001f28c89f2b3d677e007358108bea46f183678b44
SSDEEP

768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY/q:qDdFJy3QMOtEvwDpjjWMl7Tb

Score

10^/10

upx

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d.exe

Resource

win7-20240508-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d
- Size
  
  39KB
- MD5
  
  820ac1958f78f9b7d0f517548553da87
- SHA1
  
  3f67a90ad07818ff3c05befb21e0e7828bbdde57
- SHA256
  
  dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d
- SHA512
  
  369cbec5abf5ac1bb9cd0d01b20c91af3cce307235f2ad9a0da663834a15b994405151d918f4f48c37edb2001f28c89f2b3d677e007358108bea46f183678b44
- SSDEEP
  
  768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY/q:qDdFJy3QMOtEvwDpjjWMl7Tb
Score

9^/10

upx
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy