General

  • Target

    2024-03-13_07a89687469781682b963ab98fbb2052_cryptolocker

  • Size

    59KB

  • Sample

    240313-ld52xahf9t

  • MD5

    07a89687469781682b963ab98fbb2052

  • SHA1

    c34bc08dcb0a17807f88bf737272155cda4c8f17

  • SHA256

    056935a954db2c7a5e655d6748b3893d30ab31add099031e75804d047fe2ee36

  • SHA512

    6a8145171f2dcb59654ef33b17a375b4f5f7bc250c2dd099d26921407f71c4e581ebde373f9d4300914f9f34ae29ba2cf840a0a658986e1b383f2532a3359ae4

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHNMs:1nK6a+qdOOtEvwDpjW

Score
10/10
upx

Targets

    • Target

      2024-03-13_07a89687469781682b963ab98fbb2052_cryptolocker

    • Size

      59KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
