General

  • Target

    2024-01-18_e8c140de37a0d2298ce11c6a95fe322d_cryptolocker

  • Size

    63KB

  • Sample

    240118-3hkefahah7

  • MD5

    e8c140de37a0d2298ce11c6a95fe322d

  • SHA1

    c7e97944167b601e20f97b7e9301cacea14e6fa5

  • SHA256

    704e01034b73bf57da7f8a4958fbbea3f24f7915daf8ed270e84c77f5eb7f28a

  • SHA512

    af22ce080b9e95aa4d541746e9a240b7a926ceede05afa04ff63638d72e25f6b64ac35eafe30f7484481272e54cfc1bc12dac00f467bd8320ee90d3480d9dcb7

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjY6U2:1nK6a+qdOOtEvwDpj/

Score: 10/10
upx

Malware Config

Targets

    Score: 9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry; likely used as a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks