General

  • Target

    2024-05-04_07e7a62d23711ab79696e8d6c240dda8_cryptolocker

  • Size

    87KB

  • Sample

    240504-ez6f8sga68

  • MD5

    07e7a62d23711ab79696e8d6c240dda8

  • SHA1

    0a4e58bcd3b3474cd3d70d73cca60ceae8e3e919

  • SHA256

    092891f3e9ec117df2039a806f336e03ff7c08d444c90526543705a10236c135

  • SHA512

    152f5692fa4fb7e47719c91fcd5ec64ba524b42574100ce3b98bce1a21edc810051963454132cb3b06f6736f62bf6be6889fc76403efd09f903efcf61b1fa1e2

  • SSDEEP

    768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIOD5:qkmnpomddpMOtEvwDpjJGYQbN/PKwMg3

Score
10/10
upx

Malware Config

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks