Resubmissions

  • 21-06-2024 22:12    240621-14qr8sserb    10

  • 21-06-2024 22:10    240621-13ptjssepf    10

  • 21-06-2024 22:09    240621-127yqsseng    10

  • 21-06-2024 22:09    240621-12xg1asend    3

General

  • Target

    d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9.zip

  • Size

    282KB

  • Sample

    240621-127yqsseng

  • MD5

    ec3432724c14f0ba1ba9f339dc9f9fda

  • SHA1

    97b63407fec885a348969dd0c8e11c247ff92979

  • SHA256

    821c26907f90dc7c057811fa0d26d9f48b77493eedf7ab9f39132404ef7a037f

  • SHA512

    d13575455a04ba30290f1bad4fa7ad6f2835952e857cf0fb9307dc3f28ce7a30863f604ef5173b1a20d2a5260248ee756dd8fe12ed3575259a846c01f91146fa

  • SSDEEP

    6144:E4qwgkFQ9RlSjB7KbSr8Hv6MTfGCvvwNpMa:9qwgvoj14Sr8HiMTfGyMMa

Malware Config

Targets

    • Target

      d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9.exe

    • Size

      338KB

    • MD5

      04fb36199787f2e3e2135611a38321eb

    • SHA1

      65559245709fe98052eb284577f1fd61c01ad20d

    • SHA256

      d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9

    • SHA512

      533d6603f6e2a77bd1b2c6591a135c4717753d53317c1be06e43774e896d9543bcd0ea6904a0688aa84b2d8424641d68994b1e7dc4aa46d66c36feecb6145444

    • SSDEEP

      6144:sWmw0EuCN0pLWgTO3x5N22vWvLRKKAX5l++SybIvC:sWkEuCaNT85I2vCMX5l+ZRv

    • CryptoLocker

      Ransomware family with multiple variants.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence

  • Boot or Logon Autostart Execution (T1547): 1

    • Registry Run Keys / Startup Folder (T1547.001): 1

Privilege Escalation

  • Boot or Logon Autostart Execution (T1547): 1

    • Registry Run Keys / Startup Folder (T1547.001): 1

Defense Evasion

  • Modify Registry (T1112): 1

Tasks