General

  • Target

    2024-05-01_06ecadddd569cfcf0d5f58d31f9c588d_cryptolocker

  • Size

    55KB

  • Sample

    240501-sslp5scb24

  • MD5

    06ecadddd569cfcf0d5f58d31f9c588d

  • SHA1

    b10e6b3d2740297dd095f6eb933b67cd80771137

  • SHA256

    1c3fd44107f8b1127135f44431ca2fd1884543501719d38870426646ade2af54

  • SHA512

    ed69ec8b58c37f0fc227df666fcab60e2e16383e890cbc3c77a177f7db9b44a08427727d3c69ce5081a53302d3e4647fa9d0d849121e8655b919c47f98f3fb16

  • SSDEEP

    768:bP9g/WItCSsAfFaeOcfXVr3BPOz5CFBmNuFgUjl+W:bP9g/xtCS3Dxx0JW

Score
10/10
upx

Targets

    • Target

      2024-05-01_06ecadddd569cfcf0d5f58d31f9c588d_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
