Overview

overview

10

Static

static

10

2024-02-21...er.exe

windows7-x64

9

2024-02-21...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-02-21_a4744fb5d77cb4addce921092642711f_cryptolocker

  • Size

    125KB

  • Sample

    240221-ykl9lafa65

  • MD5

    a4744fb5d77cb4addce921092642711f

  • SHA1

    a1f0999d17c1f10debddef72a57749d3fee9ce50

  • SHA256

    dc7d18efa8aca05c8fd895c496bd88da0e9b0650eecfdc1efcadfcb9d6d9fac3

  • SHA512

    af5b94f34c5b4425ca11d4142bc52bba6a4270d41f374886abeecb910ccd1dcae2ff91d527ae6396c1f33c0c91110b81141c0acc500af9c653479a7300a3291f

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eLE:AnBdOOtEvwDpj6z+

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-02-21_a4744fb5d77cb4addce921092642711f_cryptolocker

    • Size

      125KB

    • MD5

      a4744fb5d77cb4addce921092642711f

    • SHA1

      a1f0999d17c1f10debddef72a57749d3fee9ce50

    • SHA256

      dc7d18efa8aca05c8fd895c496bd88da0e9b0650eecfdc1efcadfcb9d6d9fac3

    • SHA512

      af5b94f34c5b4425ca11d4142bc52bba6a4270d41f374886abeecb910ccd1dcae2ff91d527ae6396c1f33c0c91110b81141c0acc500af9c653479a7300a3291f

    • SSDEEP

      1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eLE:AnBdOOtEvwDpj6z+

    Score
    9/10
    upx

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks