General

  • Target

    2024-02-04_3dd5d1cac7c05313513c9f87a6da1360_cryptolocker

  • Size

    64KB

  • Sample

    240204-x53xeabahk

  • MD5

    3dd5d1cac7c05313513c9f87a6da1360

  • SHA1

    d133a313163383db58b680b9a92700573801058d

  • SHA256

    4130b86f2a091273261b0e96dc6d3a48ab589660dee3aee73f96068f6d7ade9e

  • SHA512

    619e844e5bfb3651533471bf438c3411bb59c99e539cea72d9c2ea640ff651890ecde51109d5f6066991617b86496a0b5c7bc22c119d20915d3103274ce5c20c

  • SSDEEP

    1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUa1Fr:T6a+rdOOtEvwDpjNL

  • Score

    10/10

  • Tags

    upx

Malware Config

Targets

    • Target

      2024-02-04_3dd5d1cac7c05313513c9f87a6da1360_cryptolocker

    • Size

      64KB

    • MD5

      3dd5d1cac7c05313513c9f87a6da1360

    • SHA1

      d133a313163383db58b680b9a92700573801058d

    • SHA256

      4130b86f2a091273261b0e96dc6d3a48ab589660dee3aee73f96068f6d7ade9e

    • SHA512

      619e844e5bfb3651533471bf438c3411bb59c99e539cea72d9c2ea640ff651890ecde51109d5f6066991617b86496a0b5c7bc22c119d20915d3103274ce5c20c

    • SSDEEP

      1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUa1Fr:T6a+rdOOtEvwDpjNL

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check (the sample decides whether to run based on the victim's locale).

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it.
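
Two of the signatures above, "UPX packed file" and "Checks computer location settings", can be approximated with a static header check and a scan of a registry-access trace. The Python below is an added example written for this page; it is not Triage's signature code and nothing in it comes from the sample. The minimal PE image and the registry log lines are constructed for the example, and the registry paths it watches are the standard Windows locale/country keys, assumed here to be what the sandbox signature keys on.

```python
"""Added example (not Triage's signature code): static UPX check plus a
country-code registry lookup check over a constructed registry-access log."""
import struct

# Standard Windows keys holding the configured country/locale. A sample that
# geofences reads one of these before deciding whether to run. Assumed here to
# be what the sandbox's "Checks computer location settings" signature watches.
GEO_REGISTRY_PREFIXES = (
    r"hkcu\control panel\international\geo",
    r"hklm\system\currentcontrolset\control\nls\locale",
)

# Section names stock UPX writes into the PE it produces.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}


def pe_section_names(data: bytes) -> list[bytes]:
    """Minimal PE walk: DOS header -> e_lfanew -> COFF header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4
    if coff + 20 > len(data):
        return []
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size
    names = []
    for i in range(num_sections):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes, name first
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def is_upx_packed(data: bytes) -> bool:
    """Stock UPX leaves its section names and a 'UPX!' marker near the header.
    Modified UPX builds often rename sections or patch the marker out, so a
    negative result is inconclusive; a positive one is a strong signal."""
    names = set(pe_section_names(data))
    return bool(names & UPX_SECTION_NAMES) or b"UPX!" in data[:0x1000]


def geofence_lookups(reg_log: list[str]) -> list[str]:
    """Return the registry keys from '<op> <key>' log lines that reveal a
    country/locale lookup."""
    hits = []
    for line in reg_log:
        parts = line.split(maxsplit=1)
        if len(parts) != 2:
            continue
        key = parts[1].strip()
        if key.lower().startswith(GEO_REGISTRY_PREFIXES):
            hits.append(key)
    return hits


def build_fake_pe(section_names: list[bytes]) -> bytes:
    """Constructed PE header (test data only): DOS stub with e_lfanew=0x40, PE
    signature, COFF header, zeroed 0xE0-byte optional header, section table."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)
    opt = b"\0" * 0xE0
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, len(opt), 0x102)
    table = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + opt + table


# Constructed registry-access trace in the shape a sandbox might emit.
SAMPLE_REG_LOG = [
    r"RegOpenKey HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
    r"RegQueryValue HKCU\Control Panel\International\Geo\Nation",
    r"RegQueryValue HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid",
]

if __name__ == "__main__":
    print("UPX:", is_upx_packed(build_fake_pe([b"UPX0", b"UPX1", b".rsrc"])))
    print("geofence lookups:", geofence_lookups(SAMPLE_REG_LOG))
```

The section-name test is what a simple YARA rule for UPX amounts to; the marker check catches binaries whose sections were renamed but whose packer stub was left intact. For the registry check, a real trace would come from the sandbox's API log, and a practitioner would also watch GetLocaleInfo/GetUserGeoID calls, which reach the same data without touching the registry directly.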

MITRE ATT&CK Enterprise v15
