General

  • Target

    2024-05-23_3ec81babe1e673a4bd9a412fce5483cd_cryptolocker

  • Size

    24KB

  • Sample

    240523-cx4thsae8y

  • MD5

    3ec81babe1e673a4bd9a412fce5483cd

  • SHA1

    29895035057e1f160c5a8b904e061ebf4460074d

  • SHA256

    b943cddde6610f7f3e4a503c3e84c66ae49eb384df6a5850fd5a383d362da947

  • SHA512

    634313708a4d149d33242bb042c94e2153b3010a7383f87f6b523285aa41a82cbc8433d2ecc577254baf5bd1cc4d75b32c62fb9842ef8307f756b9abdf3d8186

  • SSDEEP

    384:bVCPwFRuFn65arz1ZhdaXFXSCVQTLfjDp6HMJ2o:bVCPwFRo6CpwXFXSqQXfjAsJ7

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-23_3ec81babe1e673a4bd9a412fce5483cd_cryptolocker

    • Size

      24KB

    • MD5

      3ec81babe1e673a4bd9a412fce5483cd

    • SHA1

      29895035057e1f160c5a8b904e061ebf4460074d

    • SHA256

      b943cddde6610f7f3e4a503c3e84c66ae49eb384df6a5850fd5a383d362da947

    • SHA512

      634313708a4d149d33242bb042c94e2153b3010a7383f87f6b523285aa41a82cbc8433d2ecc577254baf5bd1cc4d75b32c62fb9842ef8307f756b9abdf3d8186

    • SSDEEP

      384:bVCPwFRuFn65arz1ZhdaXFXSCVQTLfjDp6HMJ2o:bVCPwFRo6CpwXFXSqQXfjAsJ7

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry; likely used as a geofence check before the payload runs.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer.
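The signatures above say the sample is UPX-packed and that the sandbox dumped it at the original entry point, but the report does not show what the packer looks like on disk. The following is an added example, not part of the sandbox report and not code from the analysed sample: a minimal PE section-table scanner that applies the two cheap checks a triage analyst runs first on a suspected UPX file (stock `UPX0`/`UPX1` section names, and a hollow first section next to a high-entropy second one). The two PE images it scans are constructed inline as fixtures and have nothing to do with the hashes listed on this page; the 7.0 bits/byte entropy threshold and the `scan_pe`/`build_pe` names are this example's own choices.

```python
"""Minimal PE packer triage: flags UPX section names and high-entropy sections.
Added example, not from the sandbox report. The PE images scanned here are
constructed fixtures, not the analysed sample."""
import hashlib
import math
import struct
from collections import Counter

PE32_MAGIC = 0x10B
OPT_HEADER_SIZE = 0xE0          # size of a PE32 optional header
SECTION_HEADER_SIZE = 40
ENTROPY_THRESHOLD = 7.0         # bits/byte; compressed or encrypted data sits near 8


def shannon_entropy(buf: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for an empty buffer)."""
    if not buf:
        return 0.0
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def build_pe(sections):
    """Assemble a minimal PE32 image from (name, raw_bytes) pairs.

    Only the header fields the scanner reads are populated; the result is a
    constructed fixture for testing, not a loadable executable.
    """
    count = len(sections)
    e_lfanew = 0x40
    dos = bytearray(b"MZ" + b"\x00" * 0x3E)
    struct.pack_into("<I", dos, 0x3C, e_lfanew)           # e_lfanew -> PE signature
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, count, 0, 0, 0, OPT_HEADER_SIZE, 0x0102)
    opt = struct.pack("<H", PE32_MAGIC) + b"\x00" * (OPT_HEADER_SIZE - 2)
    headers_len = e_lfanew + 4 + len(coff) + len(opt) + count * SECTION_HEADER_SIZE
    first_raw = (headers_len + 0x1FF) & ~0x1FF             # file-align raw data to 512
    raw_ptr, table, payload = first_raw, b"", b""
    for name, raw in sections:
        size = len(raw)
        # Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData,
        # PointerToRelocations, PointerToLinenumbers, NumberOfRelocations,
        # NumberOfLinenumbers, Characteristics
        table += struct.pack("<8sIIIIIIHHI", name.encode("ascii").ljust(8, b"\x00"),
                             max(size, 0x1000), 0, size, raw_ptr if size else 0,
                             0, 0, 0, 0, 0)
        payload += raw
        raw_ptr += size
    image = bytes(dos) + b"PE\x00\x00" + coff + opt + table
    return image + b"\x00" * (first_raw - len(image)) + payload


def parse_sections(data: bytes):
    """Walk the section table and return name, sizes and raw-data entropy per section."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (nsec,) = struct.unpack_from("<H", data, coff + 2)       # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)  # SizeOfOptionalHeader
    table = coff + 20 + opt_size
    if table + nsec * SECTION_HEADER_SIZE > len(data):
        raise ValueError("truncated section table")
    sections = []
    for i in range(nsec):
        name, vsize, _vaddr, rsize, rptr = struct.unpack_from(
            "<8sIIII", data, table + i * SECTION_HEADER_SIZE)
        raw = data[rptr:rptr + rsize] if rsize else b""
        sections.append({"name": name.rstrip(b"\x00").decode("latin-1"),
                         "virtual_size": vsize, "raw_size": rsize,
                         "entropy": round(shannon_entropy(raw), 3)})
    return sections


def scan_pe(data: bytes) -> dict:
    """Two heuristics: stock UPX section names, and the hollow-plus-dense section pair.

    Stock UPX names its sections UPX0 (empty on disk, large in memory: the
    unpack area) and UPX1 (compressed image plus decompressor stub). Modified
    builds rename the sections, so the shape check is kept separate from the
    name check.
    """
    sections = parse_sections(data)
    upx_names = [s["name"] for s in sections if s["name"].upper().startswith("UPX")]
    hollow = [s["name"] for s in sections
              if s["raw_size"] == 0 and s["virtual_size"] >= 0x1000]
    dense = [s["name"] for s in sections if s["entropy"] >= ENTROPY_THRESHOLD]
    if upx_names:
        verdict = "upx"
    elif hollow and dense:
        verdict = "packed"        # renamed packer: reserved unpack area plus compressed data
    elif dense:
        verdict = "suspicious"
    else:
        verdict = "clean"
    return {"verdict": verdict, "upx_sections": upx_names, "hollow_sections": hollow,
            "high_entropy_sections": dense, "sections": sections}


def _pseudo_random(n: int, seed: bytes = b"upx-demo") -> bytes:
    """Deterministic high-entropy filler standing in for compressed code (constructed)."""
    out, block = bytearray(), seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out += block
    return bytes(out[:n])


# Constructed fixtures: a UPX-shaped image and a plain one.
PACKED_SAMPLE = build_pe([("UPX0", b""), ("UPX1", _pseudo_random(4096)),
                          (".rsrc", b"\x00" * 64)])
CLEAN_SAMPLE = build_pe([(".text", b"\x90" * 1024 + b"\xC3"),
                         (".data", b"hello, world\x00" * 16)])

if __name__ == "__main__":
    for label, img in (("packed", PACKED_SAMPLE), ("clean", CLEAN_SAMPLE)):
        r = scan_pe(img)
        print(f"{label:6s} verdict={r['verdict']:10s} "
              + " ".join(f"{s['name']}:{s['entropy']}" for s in r["sections"]))
```

A positive name match is strong evidence but a negative one is not: the "modified UPX" wording in the signature exists precisely because repacking with renamed sections is common, which is why the shape and entropy check is reported separately. A real triage script would run `scan_pe` over the file bytes and, on a hit, hand the file to the sandbox for the OEP dump the report describes.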

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

    • Query Registry (T1012): 1 signature

    • System Information Discovery (T1082): 2 signatures

Tasks