General

  • Target

    2024-02-12_124cbbcfdc560a7ace800d2fb2d4c7ce_cryptolocker

  • Size

    126KB

  • Sample

    240212-ygv3bsbc5w

  • MD5

    124cbbcfdc560a7ace800d2fb2d4c7ce

  • SHA1

    4134e845c0d9195858d4ea51e67731a0b39eb596

  • SHA256

    75cd65af9f3cc05161873dec6a11fc1cbd8634557791c00b10574904f3dd94df

  • SHA512

    5e8116c7eb4c3b93a0c0df83a84b252759ddb42d72cc63356ae8b992cab791d13f2b4b72e9668144406377d8c7f7fe824408f1b687506060b203307c0b691201

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eInu:AnBdOOtEvwDpj6zX

  • Score

    10/10

    upx

Malware Config

Targets

    • Target

      2024-02-12_124cbbcfdc560a7ace800d2fb2d4c7ce_cryptolocker

    • Size

      126KB

    • MD5

      124cbbcfdc560a7ace800d2fb2d4c7ce

    • SHA1

      4134e845c0d9195858d4ea51e67731a0b39eb596

    • SHA256

      75cd65af9f3cc05161873dec6a11fc1cbd8634557791c00b10574904f3dd94df

    • SHA512

      5e8116c7eb4c3b93a0c0df83a84b252759ddb42d72cc63356ae8b992cab791d13f2b4b72e9668144406377d8c7f7fe824408f1b687506060b203307c0b691201

    • SSDEEP

      1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eInu:AnBdOOtEvwDpj6zX

    • Score

      9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks