General

  • Target

    2024-05-24_2d651969e61737bcbb3fb3cb037915fc_cryptolocker

  • Size

    64KB

  • Sample

    240524-e196tadb6s

  • MD5

    2d651969e61737bcbb3fb3cb037915fc

  • SHA1

    084c0015f292c7b6e3dd1a94d5104285df6ed4fd

  • SHA256

    7b8a4bc6e57e167df540340234f3b9cc2168b72899d840263d2149f7147f5c19

  • SHA512

    78bfd1ec8d13c6292f74f3ff65d775f700f7542bf6c76974356228bc659495a45f0a971fda52a591363f19cb60bd954e34a8ee7c6481e8e58b8f365cf5c3a3fd

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xDwY:1nK6a+qdOOtEvwDpjn

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-24_2d651969e61737bcbb3fb3cb037915fc_cryptolocker

    • Size

      64KB

    • MD5

      2d651969e61737bcbb3fb3cb037915fc

    • SHA1

      084c0015f292c7b6e3dd1a94d5104285df6ed4fd

    • SHA256

      7b8a4bc6e57e167df540340234f3b9cc2168b72899d840263d2149f7147f5c19

    • SHA512

      78bfd1ec8d13c6292f74f3ff65d775f700f7542bf6c76974356228bc659495a45f0a971fda52a591363f19cb60bd954e34a8ee7c6481e8e58b8f365cf5c3a3fd

    • SSDEEP

      1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xDwY:1nK6a+qdOOtEvwDpjn

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks