General

  • Target

    2024-06-07_26d395f7374ef3ed43bc4698a0ad93e4_cryptolocker

  • Size

    80KB

  • Sample

    240607-d8et7sac27

  • MD5

    26d395f7374ef3ed43bc4698a0ad93e4

  • SHA1

    80cf26aa66d23168e1ccdeb270c89ee76a7320b6

  • SHA256

    5a1c33435c492b940b1f747a9939c645ad1fa4124700aeb49a93f36d59d7cbe9

  • SHA512

    fc3019724fee636dd75bbfd10832eaff5cabcbf334ea48fc0924314b800a9f15111df0bc4e0eb5dd506916041ad3a411e57eea13e7816123cb6ab7f2a3afe899

  • SSDEEP

    1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdxPUxB1h:T6a+rdOOtEvwDpjNtHPW

Score
10/10
upx

Targets

    • Target

      2024-06-07_26d395f7374ef3ed43bc4698a0ad93e4_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
