General

  • Target

    2024-01-28_a4ff42ff72abf7e7adcfe39060a7646e_cryptolocker

  • Size

    73KB

  • Sample

    240128-a5e41shedj

  • MD5

    a4ff42ff72abf7e7adcfe39060a7646e

  • SHA1

    f7d096bd8840a27f6c655a4518c335ceb823de30

  • SHA256

    eba5dd127cc4c5adf1531da297b1d83c9fbab0edfedec86a79e7908bd24c2f9b

  • SHA512

    e85bdc02c0966d8aa5e4e169730c3ae95451cb44546b8fd6ef8b74bceadec6a0509818700f6f6f0747e989447d566c8623d7c35a91c65f43e17cd5c3a5199b14

  • SSDEEP

    1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdxPUx4U:T6a+rdOOtEvwDpjNtHP8

Score
10/10
upx

Targets

    • Target

      2024-01-28_a4ff42ff72abf7e7adcfe39060a7646e_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Reads the country code configured in the registry; likely a geofence check so the sample can avoid running in certain regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.
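The two static signatures above (hash identity and UPX packing) can be reproduced locally before handing a file to a sandbox. The following is an added triage helper, not code from the sandbox or from this report: it verifies a file against the digests listed on this page and parses the PE section table to look for the stock UPX section names (UPX0/UPX1) and, because a modified UPX build may rename those, for a high-entropy section as a second signal. The `make_test_pe` bytes are a constructed stand-in so the script runs offline; they are not the real sample, and the entropy threshold of 7.0 is an assumed heuristic cutoff.

```python
"""Added triage helper (not part of the sandbox report): verify a local file
against the digests listed above and check it for UPX packing by parsing the
PE section table. REPORT_HASHES is copied from the page; make_test_pe() builds
a synthetic PE for offline testing, not the real sample."""
import hashlib
import math
import struct
import sys

# Digests exactly as listed in the report for the submitted file.
REPORT_HASHES = {
    "md5": "a4ff42ff72abf7e7adcfe39060a7646e",
    "sha1": "f7d096bd8840a27f6c655a4518c335ceb823de30",
    "sha256": "eba5dd127cc4c5adf1531da297b1d83c9fbab0edfedec86a79e7908bd24c2f9b",
    "sha512": "e85bdc02c0966d8aa5e4e169730c3ae95451cb44546b8fd6ef8b74bceadec6a0"
              "509818700f6f6f0747e989447d566c8623d7c35a91c65f43e17cd5c3a5199b14",
}


def compute_hashes(data: bytes) -> dict:
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes) -> bool:
    """True only if every listed digest matches; one mismatch means a different file."""
    return compute_hashes(data) == REPORT_HASHES


def pe_sections(data: bytes) -> list:
    """Return (name, raw_offset, raw_size) per section.
    Minimal parser: DOS header -> e_lfanew -> 'PE\\0\\0' -> COFF header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file (missing MZ)")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file (missing PE signature)")
    coff = e_lfanew + 4
    n_sections = struct.unpack_from("<H", data, coff + 2)[0]       # NumberOfSections
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]        # SizeOfOptionalHeader
    table = coff + 20 + opt_size
    out = []
    for i in range(n_sections):
        off = table + 40 * i
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr = struct.unpack_from("<II", data, off + 16)  # SizeOfRawData, PointerToRawData
        out.append((name, raw_ptr, raw_size))
    return out


def entropy(buf: bytes) -> float:
    """Shannon entropy in bits per byte; compressed or encrypted data sits near 8.0."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def upx_indicators(data: bytes) -> dict:
    """Stock UPX names (UPX0/UPX1) catch the unmodified packer; a high-entropy
    section (assumed cutoff 7.0) still fires when a modified build renames them."""
    secs = pe_sections(data)
    ent = {name: round(entropy(data[ptr:ptr + size]), 2) for name, ptr, size in secs}
    return {
        "sections": [s[0] for s in secs],
        "stock_upx_names": any(s[0].upper().startswith("UPX") for s in secs),
        "high_entropy_sections": [n for n, e in ent.items() if e > 7.0],
        "entropy": ent,
    }


def make_test_pe(section_names) -> bytes:
    """Constructed stand-in for a packed executable (synthetic, not the real sample):
    DOS stub, PE signature, COFF header, empty optional header, section table, section data.
    Section payloads mimic UPX: an empty UPX0-style area, a compressed-looking body, zero padding."""
    n = len(section_names)
    e_lfanew = 0x40
    data_start = e_lfanew + 4 + 20 + 40 * n
    payloads = [b"", bytes(range(256)) * 4, b"\0" * 512]
    hdr = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    hdr += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, n, 0, 0, 0, 0, 0x102)
    sect, body = b"", b""
    for name, payload in zip(section_names, payloads):
        ptr = data_start + len(body) if payload else 0
        sect += name.encode().ljust(8, b"\0")
        sect += struct.pack("<IIII", len(payload), 0x1000, len(payload), ptr) + b"\0" * 16
        body += payload
    return hdr + sect + body


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else make_test_pe(["UPX0", "UPX1", ".rsrc"])
    print("matches report hashes:", matches_report(blob))
    print(upx_indicators(blob))
```

Run it with the path of a file you believe is this sample; a hash mismatch on any one digest means it is a different build, and the entropy column tells you whether a renamed-section variant is still likely packed. Unpacking to the OEP, as the "UPX dump on OEP" signature describes, is a separate dynamic step that this static check does not perform.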
