General

  • Target

    2024-02-14_48d3bf7ebde53de07c3362d7ea1d0cdb_cryptolocker

  • Size

    63KB

  • Sample

    240214-jeyccadh95

  • MD5

    48d3bf7ebde53de07c3362d7ea1d0cdb

  • SHA1

    75b4c820a81b367c674fd7dc88ac579f1a9a39c0

  • SHA256

    b2948bf6cedd5a76c245d5ef5c1510330d882bd16baf6527a651c126a99cd870

  • SHA512

    dcd7414a75ae20852662e5627fba650213152d15df32231ff1a8d816243b7441a20e817d406a9e9ffeeef8b1334ea6e1091311f474b0c17f0c5592a202b45e36

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYibAoE:1nK6a+qdOOtEvwDpj2

Score
10/10
upx

Targets

    • Target

      2024-02-14_48d3bf7ebde53de07c3362d7ea1d0cdb_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.
