Overview

overview

10

Static

static

10

2024-06-04...er.exe

windows7-x64

9

2024-06-04...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-06-04_fe3394b7c3afee2808f81c4ea9a81551_cryptolocker

  • Size

    91KB

  • Sample

    240604-n64ewsfh74

  • MD5

    fe3394b7c3afee2808f81c4ea9a81551

  • SHA1

    ad7ac74567b544e01fb7127df83d95c2cc11c529

  • SHA256

    9a734ba25090cdd43be4fb306447cc35b96aa15ac5fa2e6a9bb9a6247ca2f6c1

  • SHA512

    29c888659b65e2341931ceec8d8d1bc86cb72ee7a826130d7e000e5f69c0ef4c2a470abd9d0cdc96325d908f5bf62ababfdc8a75b5086b99be84e2f26690df68

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgddBF:AnBdOOtEvwDpj6zn

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-04_fe3394b7c3afee2808f81c4ea9a81551_cryptolocker

    • Size

      91KB

    • MD5

      fe3394b7c3afee2808f81c4ea9a81551

    • SHA1

      ad7ac74567b544e01fb7127df83d95c2cc11c529

    • SHA256

      9a734ba25090cdd43be4fb306447cc35b96aa15ac5fa2e6a9bb9a6247ca2f6c1

    • SHA512

      29c888659b65e2341931ceec8d8d1bc86cb72ee7a826130d7e000e5f69c0ef4c2a470abd9d0cdc96325d908f5bf62ababfdc8a75b5086b99be84e2f26690df68

    • SSDEEP

      1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgddBF:AnBdOOtEvwDpj6zn

    Score
    9/10
    upx

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks