General

  • Target

    2024-02-28_6fa0f7fa5106bd2e282e0ac920dc9498_cryptolocker

  • Size

    95KB

  • Sample

    240228-fn4nyabh42

  • MD5

    6fa0f7fa5106bd2e282e0ac920dc9498

  • SHA1

    efd2fcc16d2e248dc9e3bd4e032f92238efa0215

  • SHA256

    68c22c2d86d85e73ec69a97180c1d1c0b49fb6d59fa26e9c2fea7a7b28794300

  • SHA512

    67c7fc496f5e3259ed19a1688811ba6bf084d94e9812b599018830af9db63453c96856a69f88bdf637b135de3251e040ed63a4cb413800d8b312f66a8da784e6

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp01Oy:AnBdOOtEvwDpj6zJ

Score: 10/10

Tags: upx

Malware Config

Targets

    • Target

      2024-02-28_6fa0f7fa5106bd2e282e0ac920dc9498_cryptolocker

    Score: 9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks