General

  • Target

    2024-02-25_51e46fb1626837dd5b2899e340018f05_cryptolocker

  • Size

    98KB

  • Sample

    240225-s1qn3aff91

  • MD5

    51e46fb1626837dd5b2899e340018f05

  • SHA1

    79e3585d3fd1f612b240e378fa6fb8e7a4766e9a

  • SHA256

    996c9f384a6297bead15c7566e8c705e8ce40a53138d0fdc1c5f942a26454e61

  • SHA512

    4b1e92c4ea2191805db87cacb937bfeb45e21d21998ec538f62f38b76c4c0eda96a10aab3fc4c4a83a44feaa8b2765afbbfcb5af370c6f698a12f0f1937731c4

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpwqWsviPGF2Z:AnBdOOtEvwDpj6zPZ

Score
10/10

Tags
upx

Targets

    • Target

      2024-02-25_51e46fb1626837dd5b2899e340018f05_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing (running or not running depending on the victim's configured region).

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.
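As an added example (not part of the sandbox report and not tooling from the sandbox vendor), the following Python script does two of the checks a practitioner would run on a file before trusting that it is the sample above: it verifies the file against the MD5/SHA1/SHA256/SHA512 digests listed in the report, and it looks for the static indicators behind a "UPX packed file" rule, namely the stock UPX0/UPX1 section names and the "UPX!" marker that a modified UPX build may or may not leave behind. SSDEEP fuzzy hashing needs a third-party library and is left out. The `build_test_pe` helper constructs a synthetic, non-runnable PE image for self-testing; it is not the reported sample, and the digests it produces will not match the report.

```python
import hashlib
import json
import struct
import sys

# Digests copied from the report above; everything else here is constructed for this example.
REPORT_HASHES = {
    "md5": "51e46fb1626837dd5b2899e340018f05",
    "sha1": "79e3585d3fd1f612b240e378fa6fb8e7a4766e9a",
    "sha256": "996c9f384a6297bead15c7566e8c705e8ce40a53138d0fdc1c5f942a26454e61",
    "sha512": ("4b1e92c4ea2191805db87cacb937bfeb45e21d21998ec538f62f38b76c4c0eda"
               "96a10aab3fc4c4a83a44feaa8b2765afbbfcb5af370c6f698a12f0f1937731c4"),
}
ALGOS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Hex digests of the buffer for every algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ALGOS}


def verify_against_report(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm match result; a single False means this is not the reported sample."""
    actual = hash_bytes(data)
    return {algo: actual[algo] == digest.lower() for algo, digest in expected.items()}


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table and return the section names (stdlib only)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                       # COFF file header follows 'PE\0\0'
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_opt              # section table follows the optional header
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]   # 40-byte entries, 8-byte name
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Static indicators of UPX packing: stock section names and the 'UPX!' marker.
    A modified UPX build may rename its sections, so both indicators are checked."""
    names = pe_section_names(data)
    return {
        "sections": names,
        "upx_sections": [n for n in names if n.startswith("UPX")],
        "upx_marker": b"UPX!" in data,
    }


def looks_upx_packed(data: bytes) -> bool:
    ind = upx_indicators(data)
    return bool(ind["upx_sections"]) or ind["upx_marker"]


def build_test_pe(section_names) -> bytes:
    """Synthetic, non-runnable PE32 image with the given section names (test data only)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)   # e_lfanew: PE header right after the DOS header
    size_opt = 224                            # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, size_opt, 0x0102)
    opt = struct.pack("<H", 0x10B) + bytes(size_opt - 2)
    sections = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + opt + sections


if __name__ == "__main__":
    # Usage: python check_sample.py <file>
    blob = open(sys.argv[1], "rb").read()
    print(json.dumps({"hashes_match": verify_against_report(blob),
                      "upx": upx_indicators(blob)}, indent=2))
```

A hash mismatch on any one algorithm is enough to reject the file, since all four are computed over the same bytes. The UPX check is only a hint: absence of both indicators does not prove the file is unpacked, which is why the report's "UPX dump on OEP" behaviour (unpacking in the sandbox and dumping at the original entry point) is the more reliable ground truth.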
