General

  • Target

    2024-02-22_a9f59ac9c9415b153963ad01d03de5f8_cryptolocker

  • Size

    81KB

  • Sample

    240222-kpdalaeh2v

  • MD5

    a9f59ac9c9415b153963ad01d03de5f8

  • SHA1

    9b3e17959f35a6d5d2f73346c7c4b525a6adbee0

  • SHA256

    d494bdca0922aee04ee1f2d460586eb9742c6f5c121d15c31cc2d402fba75210

  • SHA512

    2be8e2f1f37bb2bddd2b9c43912e930d38f942a688ff397be2f797780602d89600dac6ab722864e34da8dc9a337731433d8a098e1a3cc184a00e76979830ef82

  • SSDEEP

    1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdeSR:T6a+rdOOtEvwDpjNt1

Score
10/10
upx

Malware Config

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks