General

  • Target

    2024-04-22_5f0b47ecc8a05f48a957a1fbe084916c_cryptolocker

  • Size

    22KB

  • Sample

    240422-sz7aesch39

  • MD5

    5f0b47ecc8a05f48a957a1fbe084916c

  • SHA1

    4def0310b81fb5cdd4196a0326b74757bf62ae61

  • SHA256

    2743c92a07f50d34456c687b1fab594e2fda86ffb9e7a11b72f23d3fe95a2d1e

  • SHA512

    c8d7db2a818263c0747fd5224577ed793c05b60651444017db869c92e816f692087ba175bc3bfd9ff42af9b8ef0b36892b11004e8f3fb3016ea37e8caa3a0d28

  • SSDEEP

    384:bVCPwFRuFn65arz1ZhdaXFXSCVQTLfjDp6Hjx:bVCPwFRo6CpwXFXSqQXfjAd

Score
10/10
upx

Targets

    • Target

      2024-04-22_5f0b47ecc8a05f48a957a1fbe084916c_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
