General

  • Target

    2024-03-12_9bda1e9b7d8bdffef0f89d63069c1d1e_cryptolocker

  • Size

    86KB

  • Sample

    240312-ghbxeabg79

  • MD5

    9bda1e9b7d8bdffef0f89d63069c1d1e

  • SHA1

    741ba5db4ae84eb8c8ff15675168062746339d4f

  • SHA256

    1ac5cda50e243fbc85f2b4177ec8b74dd198bedbb869242b6f140b5c96e0f584

  • SHA512

    e19374effcaf1b1eeff8aa94a061923a540df34c09eaa2a61adc375c615a4a1b7415ee4591d004077c2a5ad1a525f4a78e688dc77c53f6aa2c304803a8d53602

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgOm2:AnBdOOtEvwDpj6z6

Score
10/10
upx

Targets

    • Target

      2024-03-12_9bda1e9b7d8bdffef0f89d63069c1d1e_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15
