General

  • Target: 2024-04-15_fb0ca6f0463323aa8d993495697d04d8_cryptolocker

  • Size: 54KB

  • Sample: 240415-smnmjshe99

  • MD5: fb0ca6f0463323aa8d993495697d04d8

  • SHA1: 9cdd2540c74e3d3a7e0aa8483303294998c6db7c

  • SHA256: 87b7beb98093105d152a4f53e872025bb2b071031445b834ef770bd95e525cdc

  • SHA512: 76c44e62c4cfb2399fc291f728baa998cda0be737e87242841d6b14bca423dc46f19ec73e528b67ddb6109c8ff0ef7700a07f9828f3d07a134189bdfe12018d9

  • SSDEEP: 768:bP9g/WItCSsAfFaeOcfXVr3BPOz5CFBmNuFgUjQ:bP9g/xtCS3Dxx05

Score: 10/10

Tags: upx

Malware Config

Targets

    Score: 9/10

    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks