General

  • Target

    2024-03-07_9041c49f3303df5daf255f8d84816f26_cryptolocker

  • Size

    80KB

  • Sample

    240307-ge76fafh2v

  • MD5

    9041c49f3303df5daf255f8d84816f26

  • SHA1

    a6f646dc6e89f4aff91853a50fbf55f42d98c1d4

  • SHA256

    ab422b29e5aafb7eda4e125deeebc5cf503421d44f10a65ea917758f5517eb5f

  • SHA512

    4c645180762cd432d080f0ec012f5f15671566541f95d2c8a69a5c91be197fd82e08b7427b30fb25346fed006d7c71ff6a78f3a121974587cc511f7438baa382

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1kyTghh:zCsanOtEvwDpjT

Score
10/10

Tags

  • upx

Malware Config

Targets

    • Target

      2024-03-07_9041c49f3303df5daf255f8d84816f26_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Reads the country code configured in the registry. This is commonly used as a geofence, so the sample can behave differently or exit depending on the machine's configured region.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks