General

  • Target

    2024-04-20_33837766833c0334fadf8cef837bfa26_cryptolocker

  • Size

    67KB

  • Sample

    240420-y7qkjahb48

  • MD5

    33837766833c0334fadf8cef837bfa26

  • SHA1

    77d70b6304c203bf11e49f4017b8c6d208864faa

  • SHA256

    9b4ded9cd22b1f556db516b6a358426bbe08183e23bc60e99cb3f8507fe88a16

  • SHA512

    f94cdbee705e065cdd2327d003c1035eb50166f655a2062164e0a858e0002e11c4927d915d613cfeeceda8809ee17a63f52fa67f0ca62c4ded3d11fa24d25cd4

  • SSDEEP

    768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1PR:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAR

Score

  10/10

  upx

Malware Config

Targets

    • Target

      2024-04-20_33837766833c0334fadf8cef837bfa26_cryptolocker

    • Size

      67KB

    • MD5

      33837766833c0334fadf8cef837bfa26

    • SHA1

      77d70b6304c203bf11e49f4017b8c6d208864faa

    • SHA256

      9b4ded9cd22b1f556db516b6a358426bbe08183e23bc60e99cb3f8507fe88a16

    • SHA512

      f94cdbee705e065cdd2327d003c1035eb50166f655a2062164e0a858e0002e11c4927d915d613cfeeceda8809ee17a63f52fa67f0ca62c4ded3d11fa24d25cd4

    • SSDEEP

      768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1PR:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAR

    Score

      9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks