General

  • Target

    2024-02-12_384b94bb65ab207b363ec6f202817934_cryptolocker

  • Size

    108KB

  • Sample

    240212-kyvw1ahc6x

  • MD5

    384b94bb65ab207b363ec6f202817934

  • SHA1

    12d79a95988194731341931dee326e8e06fe5db1

  • SHA256

    af1b665b34fad1ad58bbf4681463c3b402e3e25f1baaf82e7eace024af08e3af

  • SHA512

    ecd0630d9e76515afde051ba5834bc35715c1a0421021867d6fff2ce3adaccc4a7f278b5a16301ed46b5729a496b1a34eb3fd40772c60204356a72d63987fedc

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalRn5iF1j6GksgEn7:1nK6a+qdOOtEvwDpj1

  • Score

    10/10

  • Tags

    upx

Malware Config

Targets

    • Target

      2024-02-12_384b94bb65ab207b363ec6f202817934_cryptolocker

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofencing check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks