General

  • Target

    2024-02-12_217102e04c35995d71165a844cfe865d_cryptolocker

  • Size

    55KB

  • Sample

    240212-lgr98abf43

  • MD5

    217102e04c35995d71165a844cfe865d

  • SHA1

    af1b3e26e24d97d4726fd75658f9a9b583294335

  • SHA256

    ef103410bfa402cc83d599bab2023c9ad63f89db28df348d3ca562eba1cf1aef

  • SHA512

    64a68d9b0b4ad4106fdaf1948e145621f1983a24e5630b5c6162d38b905c8a31b6289cb77d65f896796da897d84bcc292023462043f257ec87e6d84966032966

  • SSDEEP

    768:z6LsoEEeegiZPvEhHSG+gzum/kLyMro2GtOOtEvwDpj/YMLam5axcEC:z6QFElP6n+gKmddpMOtEvwDpj9aYa5C

Score
10/10
upx

Targets

    • Target

      2024-02-12_217102e04c35995d71165a844cfe865d_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
