Overview

overview

10

Static

static

10

2024-04-24...er.exe

windows7-x64

9

2024-04-24...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-04-24_28cccc941c40e5621dcccbb0eaef22a2_cryptolocker

  • Size

    70KB

  • Sample

    240424-s75fsscg5s

  • MD5

    28cccc941c40e5621dcccbb0eaef22a2

  • SHA1

    7d39a85aabcfca04ab3dd156f6a1ffe889109291

  • SHA256

    7875a27dfdb3f274320c21cfccec56983cfeb4fd3407669c8dc7074e93ecd266

  • SHA512

    5705618666197938e26082d4d9b5e1a96d20876d630c32d3fcbf9daf08767e91fd3667e26af711c92b30d1c51d098f3dca6c00a21d3370a89e2e0b2faaba8707

  • SSDEEP

    1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs9F:C4Q2c94OtEvwDpj4H8zk

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-04-24_28cccc941c40e5621dcccbb0eaef22a2_cryptolocker

    • Size

      70KB

    • MD5

      28cccc941c40e5621dcccbb0eaef22a2

    • SHA1

      7d39a85aabcfca04ab3dd156f6a1ffe889109291

    • SHA256

      7875a27dfdb3f274320c21cfccec56983cfeb4fd3407669c8dc7074e93ecd266

    • SHA512

      5705618666197938e26082d4d9b5e1a96d20876d630c32d3fcbf9daf08767e91fd3667e26af711c92b30d1c51d098f3dca6c00a21d3370a89e2e0b2faaba8707

    • SSDEEP

      1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs9F:C4Q2c94OtEvwDpj4H8zk

    Score
    9/10
    upx

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks