General

  • Target

    2024-05-22_b843dbd8de5badbf848e2970b1419574_cryptolocker

  • Size

    40KB

  • Sample

    240522-ctys4ahc65

  • MD5

    b843dbd8de5badbf848e2970b1419574

  • SHA1

    62bea0678d1248bb1e4f5d209c210951e7e8816b

  • SHA256

    5e7e3d717e7111caa58f223866e75a0f195305e1c444f2faefc67f51844ea540

  • SHA512

    a26b67385ab882b032d2e22c5a1870e049405c0420ad43ac865c362497582dd346eb17e936aa46b524fe2af8ec946c87852c1af73385c1e3119b9b4edded451e

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYF:qDdFJy3QMOtEvwDpjjWMl7TI

Score
10/10
upx

Malware Config

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15