General

  • Target

    2024-01-24_3daae42d1a63b366a6756ac6b28b99c9_cryptolocker

  • Size

    127KB

  • Sample

    240124-d3a9tshdbn

  • MD5

    3daae42d1a63b366a6756ac6b28b99c9

  • SHA1

    5cdd441f348254090c141373d27ab0257dbda95f

  • SHA256

    4061d2bdd102f07468d5b1162065e4a1431cd7df4fe7440b1633074ee9a3405a

  • SHA512

    7ff01f9dbe930678575f7f5b554d2801cc9e22a76e800f4d83bc4a70cc9eb2d7d0e7a1603e1a656e13d941518d23721a0b1c94a3913ea042705b7f1db5cd823c

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eT:AnBdOOtEvwDpj6zZ

Score
10/10
upx

Malware Config

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks