Overview

overview

10

Static

static

10

2024-05-23...er.exe

windows7-x64

9

2024-05-23...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-23_68ebedddd883437db1372b478bd1b028_cryptolocker

  • Size

    81KB

  • Sample

    240523-czx4raah55

  • MD5

    68ebedddd883437db1372b478bd1b028

  • SHA1

    a20967c6a884150b63de4e8f8d14e6adac8f335f

  • SHA256

    5c013ac44565b713485a461badb438d97c68f0de28d71ac42e7ee97ed107321e

  • SHA512

    58bcb7419c042b98bfac8cc34b0d6ded09c6b63b4545b884eb44685cd113c9fadcf2bf0b1e2c822551a861fdaaf3877296dae22cdbe7c27887dbc0ac72e8ac37

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7Qsd:zCsanOtEvwDpjW

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-23_68ebedddd883437db1372b478bd1b028_cryptolocker

    • Size

      81KB

    • MD5

      68ebedddd883437db1372b478bd1b028

    • SHA1

      a20967c6a884150b63de4e8f8d14e6adac8f335f

    • SHA256

      5c013ac44565b713485a461badb438d97c68f0de28d71ac42e7ee97ed107321e

    • SHA512

      58bcb7419c042b98bfac8cc34b0d6ded09c6b63b4545b884eb44685cd113c9fadcf2bf0b1e2c822551a861fdaaf3877296dae22cdbe7c27887dbc0ac72e8ac37

    • SSDEEP

      1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7Qsd:zCsanOtEvwDpjW

    Score
    9/10
    upx

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks