General

  • Target

    2024-05-24_b7fcf1788f03de15201f8f3c85b7fe11_cryptolocker

  • Size

    88KB

  • Sample

    240524-eksltscd2z

  • MD5

    b7fcf1788f03de15201f8f3c85b7fe11

  • SHA1

    c14c95713bfb0dac4b9f009bf0bb3279a8ed54d9

  • SHA256

    bb30d5356fe9d6e715867b90c80dede72ccde39fae49e206613ac142aad89840

  • SHA512

    94815a4bc9f646758f8497f6c35c65782e9093d480ba0ff30773ff8790dc64452905b36b59bb7ead852af36a35d27a3dc2764e9d6d6d5687f82003b6f474e115

  • SSDEEP

    768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIODO:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgM

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-24_b7fcf1788f03de15201f8f3c85b7fe11_cryptolocker

    • Size

      88KB

    • MD5

      b7fcf1788f03de15201f8f3c85b7fe11

    • SHA1

      c14c95713bfb0dac4b9f009bf0bb3279a8ed54d9

    • SHA256

      bb30d5356fe9d6e715867b90c80dede72ccde39fae49e206613ac142aad89840

    • SHA512

      94815a4bc9f646758f8497f6c35c65782e9093d480ba0ff30773ff8790dc64452905b36b59bb7ead852af36a35d27a3dc2764e9d6d6d5687f82003b6f474e115

    • SSDEEP

      768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIODO:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgM

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
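The two UPX signatures above (packed file, dump on OEP) rest on a static check that is easy to reproduce offline. The following is an added example, not code from the sandbox or from this report: it parses the PE section table with the standard library, reports the section names stock UPX writes (UPX0/UPX1/UPX2, UPX!), and falls back to per-section Shannon entropy for "modified UPX" builds that rename their sections. The threshold of 7.0 bits per byte and the minimal PE builder used as test input are assumptions of the example; the sample hashed above is not included.

```python
import math
import struct

# Section names written by stock UPX; modified builds often rename them,
# which is why the "UPX/modified UPX" signature also needs an entropy check.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX!"}


def shannon_entropy(data: bytes) -> float:
    """Bits per byte. Compressed or encrypted data approaches 8.0."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def pe_sections(pe: bytes):
    """Yield (name, raw_bytes) for every section header of a PE image."""
    if pe[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    size_opt = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + size_opt              # section table follows the optional header
    for i in range(num_sections):
        hdr = pe[table + 40 * i: table + 40 * (i + 1)]
        name = hdr[:8].rstrip(b"\0")
        raw_size, raw_ptr = struct.unpack_from("<II", hdr, 16)   # SizeOfRawData, PointerToRawData
        yield name, pe[raw_ptr: raw_ptr + raw_size]


def classify(pe: bytes, entropy_threshold: float = 7.0) -> dict:
    """Report UPX section names and sections whose entropy looks packed."""
    named, dense = [], []
    for name, data in pe_sections(pe):
        label = name.decode("ascii", errors="replace")
        if name in UPX_SECTION_NAMES:
            named.append(label)
        if data and shannon_entropy(data) >= entropy_threshold:
            dense.append(label)
    return {
        "upx_named_sections": named,
        "high_entropy_sections": dense,
        "likely_upx": bool(named),
        "likely_packed": bool(named or dense),
    }


def build_sample_pe(sections) -> bytes:
    """Construct a minimal 32-bit PE for offline testing. This is constructed
    input, not the sample from this report; it carries no optional header
    because only the section table matters to the check above."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0x102)
    headers_len = e_lfanew + 4 + len(coff) + 40 * len(sections)
    table, body = b"", b""
    for name, payload in sections:
        raw_ptr = headers_len + len(body)
        table += name.ljust(8, b"\0") + struct.pack("<IIII", len(payload), 0x1000, len(payload), raw_ptr)
        table += b"\0" * 16                  # remaining section header fields unused here
        body += payload
    return dos + b"PE\0\0" + coff + table + body


if __name__ == "__main__":
    packed = build_sample_pe([(b"UPX0", b""), (b"UPX1", bytes(range(256)) * 4), (b".rsrc", b"\0" * 64)])
    renamed = build_sample_pe([(b".text", bytes(range(256)) * 4), (b".data", b"A" * 256)])
    print(classify(packed))   # likely_upx True
    print(classify(renamed))  # likely_upx False, likely_packed True
```

Stock UPX leaves UPX0 with no raw data and the compressed image in UPX1, so a name match alone is a strong indicator; a renamed build only shows up through the entropy of its compressed section, which is why the second verdict is "packed" without "upx". Either way the static check tells you only that the file needs unpacking; the behaviour in this report comes from the sandbox's dump at the original entry point.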

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • T1012 Query Registry (1)

  • T1082 System Information Discovery (2)
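The "Checks computer location settings" signature and its T1012 mapping describe a registry read of the configured country code, the usual pre-flight step of a geofenced sample. The following is an added example, not code from the sandbox or this report: it scans an API-call trace for processes that query the country/locale values and groups the hits by process. The trace line format, the process names and the list of registry locations (HKCU\Control Panel\International and the Nls\Language key) are assumptions of the example; the report does not say which key this sample read.

```python
import re
from collections import defaultdict

# Registry locations where Windows keeps the configured country/locale. These
# paths are an assumption about what the "computer location settings"
# signature covers; the report does not name the key the sample read.
GEOFENCE_KEYS = {
    r"HKCU\Control Panel\International": {"iCountry", "sCountry", "Locale", "LocaleName"},
    r"HKLM\SYSTEM\CurrentControlSet\Control\Nls\Language": {"Default", "InstallLanguage"},
}
_GEOFENCE_LOWER = {k.lower(): {v.lower() for v in vs} for k, vs in GEOFENCE_KEYS.items()}

# Hypothetical API-trace line format, constructed for this example.
LINE_RE = re.compile(
    r'pid=(?P<pid>\d+)\s+image=(?P<image>\S+)\s+api=(?P<api>\w+)\s+'
    r'key="(?P<key>[^"]+)"(?:\s+value="(?P<value>[^"]*)")?'
)

# Constructed trace: one process reads the country and install language,
# another process only touches unrelated keys.
SAMPLE_TRACE = r"""
pid=2480 image=sample.exe api=RegOpenKeyExW key="HKEY_CURRENT_USER\Control Panel\International"
pid=2480 image=sample.exe api=RegQueryValueExW key="HKEY_CURRENT_USER\Control Panel\International" value="iCountry"
pid=2480 image=sample.exe api=RegQueryValueExW key="HKEY_CURRENT_USER\Control Panel\International" value="LocaleName"
pid=2480 image=sample.exe api=RegQueryValueExW key="HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language" value="InstallLanguage"
pid=3104 image=explorer.exe api=RegQueryValueExW key="HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer" value="ShellState"
pid=2480 image=sample.exe api=RegQueryValueExW key="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion" value="ProductName"
"""


def parse_trace(text: str) -> list:
    """Parse trace lines into dicts; lines that do not match are ignored."""
    return [m.groupdict() for m in (LINE_RE.search(l) for l in text.splitlines()) if m]


def _normalize(key: str) -> str:
    key = key.replace("HKEY_CURRENT_USER", "HKCU").replace("HKEY_LOCAL_MACHINE", "HKLM")
    return key.rstrip("\\").lower()


def geofence_lookups(events) -> dict:
    """Map pid -> sorted (key, value) pairs that read the country/locale."""
    hits = defaultdict(set)
    for ev in events:
        if not ev["api"].startswith("RegQueryValue"):   # only value reads, not key opens
            continue
        key = _normalize(ev["key"])
        wanted = _GEOFENCE_LOWER.get(key)
        value = ev["value"] or ""
        if wanted and value.lower() in wanted:
            hits[int(ev["pid"])].add((key, value))
    return {pid: sorted(pairs) for pid, pairs in hits.items()}


def flagged_images(trace: str) -> dict:
    """Convenience: pid -> image name for every process that did such a lookup."""
    events = parse_trace(trace)
    images = {int(ev["pid"]): ev["image"] for ev in events}
    return {pid: images[pid] for pid in geofence_lookups(events)}


if __name__ == "__main__":
    for pid, pairs in geofence_lookups(parse_trace(SAMPLE_TRACE)).items():
        print(pid, pairs)
    print(flagged_images(SAMPLE_TRACE))  # {2480: 'sample.exe'}
```

Only RegQueryValue calls count: opening the International key is what any locale-aware program does, while reading iCountry or LocaleName and then branching on it is the behaviour the signature is after. Legitimate software reads these values too, so treat a hit as context for the other signatures (dropped EXE, dropped DLL, UPX) rather than as a verdict on its own.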

Tasks