Overview

overview

10

Static

static

10

2024-03-14...er.exe

windows7-x64

9

2024-03-14...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-14_539671d8207b3a85d5500eb9f64cd807_cryptolocker

  • Size

    99KB

  • Sample

    240314-e679each29

  • MD5

    539671d8207b3a85d5500eb9f64cd807

  • SHA1

    6a98acc254929baee51617e0cde47d98fd82c68d

  • SHA256

    af69d1c555d23eb53761d8e3c78ec2cca84ae3345aa439384d46ee47e2265a6b

  • SHA512

    20297c6b13c38667f833eafe23b96adabbe733fc2464fb0dd1ba1f383d62ac029ed48d8509e0212b0dffec3ce7fe7d09ff19b48d493a63eb0d2763772c617399

  • SSDEEP

    1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbbr/BKiXa6cLQ:z6a+CdOOtEvwDpjcV

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-03-14_539671d8207b3a85d5500eb9f64cd807_cryptolocker

    • Size

      99KB

    • MD5

      539671d8207b3a85d5500eb9f64cd807

    • SHA1

      6a98acc254929baee51617e0cde47d98fd82c68d

    • SHA256

      af69d1c555d23eb53761d8e3c78ec2cca84ae3345aa439384d46ee47e2265a6b

    • SHA512

      20297c6b13c38667f833eafe23b96adabbe733fc2464fb0dd1ba1f383d62ac029ed48d8509e0212b0dffec3ce7fe7d09ff19b48d493a63eb0d2763772c617399

    • SSDEEP

      1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbbr/BKiXa6cLQ:z6a+CdOOtEvwDpjcV

    Score
    9/10
    upx

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks