General

  • Target

    2024-02-12_51c3410d09eed69225affcd84639e63a_cryptolocker

  • Size

    87KB

  • Sample

    240212-jgblcsfh2w

  • MD5

    51c3410d09eed69225affcd84639e63a

  • SHA1

    dfbac780130bb25b2f9c0b10b29c415666c8ab6e

  • SHA256

    1c345380bf19eb0d55eee14f4c541a22abc738f98598d65713f6f7e2a0f29d57

  • SHA512

    6a7781805ba5b951d533d766c119d9d581e6cbff9fff8bb4f3f36799710c0ca876daf1b13d753d0a6ef74028fab4c37d798c175dc934094f63d1bdd35632a104

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgLs:AnBdOOtEvwDpj6zk

Score
10/10
upx

Targets

    • Target

      2024-02-12_51c3410d09eed69225affcd84639e63a_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
