General

  • Target

    2024-02-04_c772eacb81086e01bdfedeb5cb1afe8a_cryptolocker

  • Size

    63KB

  • Sample

    240204-ydlz9abchq

  • MD5

    c772eacb81086e01bdfedeb5cb1afe8a

  • SHA1

    071b151748f93fe86410c453ec3ecc9170f3fc77

  • SHA256

    46ba8ca6e66b212f4d91b77044ef8ff85c9a7e2fc4dc8652323bb8751630eb7d

  • SHA512

    d4764aeb5e378effd05b4c8ca967863ac5273ba42aaded0a0401961799672a6811b8cc0c5ee04eea1e38b12ca7584b981770e810896e7f5d1a2eef042790829d

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjY6UX:1nK6a+qdOOtEvwDpj+

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-02-04_c772eacb81086e01bdfedeb5cb1afe8a_cryptolocker

    • Size

      63KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks