General

  • Target

    2024-05-20_b64f7a048c134af936820252617902a3_cryptolocker

  • Size

    82KB

  • Sample

    240520-slaz3afg3x

  • MD5

    b64f7a048c134af936820252617902a3

  • SHA1

    01aac94f2e2676bd0461a978d764e8a11edb59e9

  • SHA256

    03bc2ff82874a9c09f161181d5d1204e43fc1f0b65dd9d862d066c7c0c37c8a1

  • SHA512

    f57d2473ef470aa4615d871c4b1c5f04131441ec4619daad45a95158e014216fe81dcebe18ea34920ff3a3d3089eca377badf27f595b48049011b11c8b78d63a

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7Qpg:zCsanOtEvwDpjm

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-20_b64f7a048c134af936820252617902a3_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks