General

  • Target

    2024-04-08_47db2a26293acf829d9a79bc2aa54b84_cryptolocker

  • Size

    69KB

  • Sample

    240409-vgpnrsch98

  • MD5

    47db2a26293acf829d9a79bc2aa54b84

  • SHA1

    1df9a99ada0ec402091b671855d2087752376105

  • SHA256

    c25c599b4a8cc5e3f757da7af84018ddb75d337953c2a458de8582c88a780878

  • SHA512

    2a3146b108e29479266f42d0cc3f2a5145be22bdc57279733e1ed8d7734794c774dfef1d0acf434b7c072a2c995f9dea7e2b4999056cc5abd59bcc902ec7c0c2

  • SSDEEP

    1536:z6QFElP6n+gKmddpMOtEvwDpj9aYaFAeB4:z6a+CdOOtEvwDpjQW

Score
10/10
upx

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
