General

  • Target

    2024-02-20_13be11194e5b35f09900feea4c7e86ff_cryptolocker

  • Size

    57KB

  • Sample

    240220-xcbbpadf52

  • MD5

    13be11194e5b35f09900feea4c7e86ff

  • SHA1

    ddacd99c252850177f10bf8eae0560269d1bde5d

  • SHA256

    126c4b5de5754958026c8f6041d17d61945906068c48b3738b0764560514bea4

  • SHA512

    8f42cc433612e1764bc04cf1cf38160ccf41d970411488a7b4b1d1b3637fef7b96e70f1c7ca21a029fc053e99b8e4a3b9483d08c691d83d558ffb3d1b174daac

  • SSDEEP

    768:z6LsoEEeegiZPvEhHSG+gzum/kLyMro2GtOOtEvwDpj/YMLam5app1uV:z6QFElP6n+gKmddpMOtEvwDpj9aYaYV

Score
10/10
upx

Targets

    • Target

      2024-02-20_13be11194e5b35f09900feea4c7e86ff_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
