Overview

overview

10

Static

static

10

2024-04-22...er.exe

windows7-x64

9

2024-04-22...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-04-22_c0d976644a2d563d5c1f71264d4d433d_cryptolocker

  • Size

    96KB

  • Sample

    240422-2hl3lahc7y

  • MD5

    c0d976644a2d563d5c1f71264d4d433d

  • SHA1

    d1f567325f17207a9252b1d1e684de651985319c

  • SHA256

    f6a0f3bf51484978595ab6e6f4fe353a0b0d9e61141f58bced0af515a298e1f4

  • SHA512

    70923b5f1d7f31b2e74646577d8ed07bf5d1d2bc7dc9dce82d7e4f41eb87889132fa0320d2f290681cf2bf00b0172f51d66ae5a0105449546a000175f9dcea09

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/bm:zCsanOtEvwDpjBK

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-04-22_c0d976644a2d563d5c1f71264d4d433d_cryptolocker

    • Size

      96KB

    • MD5

      c0d976644a2d563d5c1f71264d4d433d

    • SHA1

      d1f567325f17207a9252b1d1e684de651985319c

    • SHA256

      f6a0f3bf51484978595ab6e6f4fe353a0b0d9e61141f58bced0af515a298e1f4

    • SHA512

      70923b5f1d7f31b2e74646577d8ed07bf5d1d2bc7dc9dce82d7e4f41eb87889132fa0320d2f290681cf2bf00b0172f51d66ae5a0105449546a000175f9dcea09

    • SSDEEP

      1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/bm:zCsanOtEvwDpjBK

    Score
    9/10
    upx

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks