3893b0543e538db01966f7c0f637fb24bd834cc659b8e05bd0e6182297479c38 | Triage

Submit
Reports

Overview

overview

Static

static

2024-05-25...er.exe

windows7-x64

9

2024-05-25...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-25_dc8a097219c2ffa10361d3d02fa06f99_cryptolocker
Size

40KB
Sample

240525-y62amshf63
MD5

dc8a097219c2ffa10361d3d02fa06f99
SHA1

66d1534b35446a4b0a9cbe737671bd572dce3ed6
SHA256

3893b0543e538db01966f7c0f637fb24bd834cc659b8e05bd0e6182297479c38
SHA512

59d9ca2e679ad8c89fc45d3da631e1c52ec6c8fa7d4037904c50fbee28865174a09222ebffbba1816ae94a3325c6a5f751db813bc02237f0bcd16295da54eb77
SSDEEP

768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBC:qDdFJy3QMOtEvwDpjjWMl7Tdw

Score

10^/10

upx

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

2024-05-25_dc8a097219c2ffa10361d3d02fa06f99_cryptolocker.exe

Resource

win7-20240508-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-25_dc8a097219c2ffa10361d3d02fa06f99_cryptolocker.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-25_dc8a097219c2ffa10361d3d02fa06f99_cryptolocker
- Size
  
  40KB
- MD5
  
  dc8a097219c2ffa10361d3d02fa06f99
- SHA1
  
  66d1534b35446a4b0a9cbe737671bd572dce3ed6
- SHA256
  
  3893b0543e538db01966f7c0f637fb24bd834cc659b8e05bd0e6182297479c38
- SHA512
  
  59d9ca2e679ad8c89fc45d3da631e1c52ec6c8fa7d4037904c50fbee28865174a09222ebffbba1816ae94a3325c6a5f751db813bc02237f0bcd16295da54eb77
- SSDEEP
  
  768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBC:qDdFJy3QMOtEvwDpjjWMl7Tdw
Score

9^/10

upx
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy