General

  • Target

    2024-05-27_f1dfccdaec0dff325fa3dd8ed65c7cc5_cryptolocker

  • Size

    59KB

  • Sample

    240527-1kzwsscb95

  • MD5

    f1dfccdaec0dff325fa3dd8ed65c7cc5

  • SHA1

    68ac69a8c97228a0e72003ab8503d6e25ce408cc

  • SHA256

    ac625e7cfacf3e648e5f1750ba5e6b356d738758539595185ac1d0e24782a4f7

  • SHA512

    ef01e230e287f02df81ffd63bf2d6dfa7add39ccc801cb11e063ee5a1df7ead6074f81cb2f62a29e9823144e618543fa2d79bd11a5fb61f207e0a2ba018e3329

  • SSDEEP

    768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAPjK:H6QFElP6n+gou9cvMOtEvwDpjCpVXj

Score
10/10
upx

Targets

    • Target

      2024-05-27_f1dfccdaec0dff325fa3dd8ed65c7cc5_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15