Overview

overview

10

Static

static

10

2024-03-28...er.exe

windows7-x64

9

2024-03-28...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-03-28_08504b0a05384ff6a5433a3779f38faf_cryptolocker

  • Size

    92KB

  • Sample

    240328-a2falsca8y

  • MD5

    08504b0a05384ff6a5433a3779f38faf

  • SHA1

    4888fde6e4cd3edb7ca4246265868a2f2b711082

  • SHA256

    56c506e1aafad5a70d6a4f4db22bcca548eeb113746eea434d30f543aa83f05e

  • SHA512

    403300d0c866e8a9a141a0aae452c8207ad92f6f0382e10ce341629c6d79ce17cf277f920de15945c0bd2c5247971c6cfc228e3356935d7187ef622bb081464a

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp01O:AnBdOOtEvwDpj6zQ

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-03-28_08504b0a05384ff6a5433a3779f38faf_cryptolocker

    • Size

      92KB

    • MD5

      08504b0a05384ff6a5433a3779f38faf

    • SHA1

      4888fde6e4cd3edb7ca4246265868a2f2b711082

    • SHA256

      56c506e1aafad5a70d6a4f4db22bcca548eeb113746eea434d30f543aa83f05e

    • SHA512

      403300d0c866e8a9a141a0aae452c8207ad92f6f0382e10ce341629c6d79ce17cf277f920de15945c0bd2c5247971c6cfc228e3356935d7187ef622bb081464a

    • SSDEEP

      1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp01O:AnBdOOtEvwDpj6zQ

    Score
    9/10
    upx

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks