General

  • Target

    2024-02-13_dfc68a4422144377f4a7e8dab62aef32_cryptolocker

  • Size

    80KB

  • Sample

    240213-r96wzacc2w

  • MD5

    dfc68a4422144377f4a7e8dab62aef32

  • SHA1

    e52f5fcd63471fd930d5999cc62505fb17dd8b69

  • SHA256

    efa9a28bda455561043ccddca4fe61d76b4f2dc14d2e2cae7ef96957b8df7d57

  • SHA512

    f467998cae25617f6f440182d29dc7fd29e47f29f686ff3772ea5b84ae37dbbd0968bd723c4af9ae86655d823a761b92f4e17873a15fc5143140f0df1917b734

  • SSDEEP

    1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBd0nJ:T6a+rdOOtEvwDpjNtK

Score
10/10
upx

Targets

    • Target

      2024-02-13_dfc68a4422144377f4a7e8dab62aef32_cryptolocker

    • Size

      80KB

    • MD5

      dfc68a4422144377f4a7e8dab62aef32

    • SHA1

      e52f5fcd63471fd930d5999cc62505fb17dd8b69

    • SHA256

      efa9a28bda455561043ccddca4fe61d76b4f2dc14d2e2cae7ef96957b8df7d57

    • SHA512

      f467998cae25617f6f440182d29dc7fd29e47f29f686ff3772ea5b84ae37dbbd0968bd723c4af9ae86655d823a761b92f4e17873a15fc5143140f0df1917b734

    • SSDEEP

      1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBd0nJ:T6a+rdOOtEvwDpjNtK

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Reads the country code configured in the registry; this is most likely a geofence check used to decide whether to run on the host.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the UPX open-source packer.
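
As an added example (not part of the sandbox report, and not the sandbox's own signature code): a small Python triage script that recomputes the four file hashes listed above and compares them against the report values, and then checks the PE section table for the UPX0/UPX1 section names and the "UPX!" marker that a "UPX packed file" signature typically keys on. The PE images it runs on are constructed inside the script (the real sample's bytes are not included); `REPORT_HASHES` holds the values from this page. SSDEEP is not recomputed because that needs the external ssdeep library.

```python
import hashlib
import struct

# Hash values copied from the report above. To triage a real file, read its bytes
# into `data` and call hash_mismatches(data, REPORT_HASHES).
REPORT_HASHES = {
    "md5": "dfc68a4422144377f4a7e8dab62aef32",
    "sha1": "e52f5fcd63471fd930d5999cc62505fb17dd8b69",
    "sha256": "efa9a28bda455561043ccddca4fe61d76b4f2dc14d2e2cae7ef96957b8df7d57",
    "sha512": ("f467998cae25617f6f440182d29dc7fd29e47f29f686ff3772ea5b84ae37dbbd"
               "0968bd723c4af9ae86655d823a761b92f4e17873a15fc5143140f0df1917b734"),
}


def compute_hashes(data: bytes) -> dict:
    """Return lowercase hex digests for the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def hash_mismatches(data: bytes, expected: dict) -> dict:
    """Map algorithm -> (expected, actual) for every digest that does not match."""
    actual = compute_hashes(data)
    return {k: (v, actual[k]) for k, v in expected.items() if v.lower() != actual[k]}


def pe_section_names(data: bytes) -> list:
    """Walk the MZ/PE headers and return the section names from the section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                      # COFF file header follows "PE\0\0"
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_opt             # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + 40 * i                 # IMAGE_SECTION_HEADER is 40 bytes, name first
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Two cheap UPX indicators: UPX* section names and the 'UPX!' header marker."""
    names = pe_section_names(data)
    return {
        "upx_sections": [n for n in names if n.upper().startswith("UPX")],
        "upx_magic": b"UPX!" in data,
    }


def looks_upx_packed(data: bytes) -> bool:
    """True if either indicator fires. A renamed-section UPX build evades the first
    check, so a stripped 'UPX!' marker plus renamed sections needs entropy analysis."""
    ind = upx_indicators(data)
    return bool(ind["upx_sections"]) or ind["upx_magic"]


def build_fake_pe(section_names: list) -> bytes:
    """Constructed, non-executable PE32 image used only so this script runs offline."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)      # e_lfanew -> PE signature at 0x40
    opt_size = 0xE0                               # size of a PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)         # PE32 magic
    table = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


# Constructed stand-ins: a UPX-style layout with the marker, and a plain layout.
PACKED_SAMPLE = build_fake_pe(["UPX0", "UPX1", ".rsrc"]) + b"UPX!" + b"\0" * 12
PLAIN_SAMPLE = build_fake_pe([".text", ".rdata", ".data"])

if __name__ == "__main__":
    for label, blob in (("packed", PACKED_SAMPLE), ("plain", PLAIN_SAMPLE)):
        print(label, pe_section_names(blob), upx_indicators(blob), looks_upx_packed(blob))
    print("mismatches vs report:", sorted(hash_mismatches(PLAIN_SAMPLE, REPORT_HASHES)))
```

Run it against the real file by replacing `PLAIN_SAMPLE` with the sample bytes: an empty mismatch dict confirms you hold the same binary the report analysed, and a UPX hit tells you to unpack (or use the sandbox's OEP dump) before looking at strings or imports, since the packed image's import table and strings say almost nothing about the payload.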

MITRE ATT&CK Enterprise v15