General

  • Target

    2024-02-12_48422d1de467d2df58a9424f2bc1fc3b_cryptolocker

  • Size

    61KB

  • Sample

    240212-x32assbb3x

  • MD5

    48422d1de467d2df58a9424f2bc1fc3b

  • SHA1

    941925b2e47630a48eadea9b43844492b46609c9

  • SHA256

    5b8a74d58a12ca9c45e1b15806f72f63a64216b8a0e6162ebfbc29630a47bf55

  • SHA512

    deb06b0cf3406f5e151a1a7adb42b0085762f37cbd8beee099972d61d4340e7c1a2b9e53130c0c18b9c9181406ab7a19242e4597199db2ec30cf0c30bcfd3fcd

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjY7D3:1nK6a+qdOOtEvwDpjY

Score
10/10
upx

Malware Config

Targets

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks