Overview

overview

10

Static

static

10

2024-06-16...er.exe

windows7-x64

9

2024-06-16...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-06-16_1df5f5182bad62595f14d7d1ad46503b_cryptolocker

  • Size

    40KB

  • Sample

    240616-ss47gsybrb

  • MD5

    1df5f5182bad62595f14d7d1ad46503b

  • SHA1

    369da0a29e0ecd8edf05239275fc3872f4bcafcf

  • SHA256

    7b524a5a1e1cc51475cdd8edcb9814ec1d80b700e528bf3afadbbe57dbcc8938

  • SHA512

    7c2374c619f99d882769f5745a34439700e7b1b439b874c8596ec521266d72cbd6b57dd08c1f1327c2416a503c4bb04bb7b776246eb02ca1b71918c443d57c21

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYan8Ns:qDdFJy3QMOtEvwDpjjWMl7Tdn86

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-16_1df5f5182bad62595f14d7d1ad46503b_cryptolocker

    • Size

      40KB

    • MD5

      1df5f5182bad62595f14d7d1ad46503b

    • SHA1

      369da0a29e0ecd8edf05239275fc3872f4bcafcf

    • SHA256

      7b524a5a1e1cc51475cdd8edcb9814ec1d80b700e528bf3afadbbe57dbcc8938

    • SHA512

      7c2374c619f99d882769f5745a34439700e7b1b439b874c8596ec521266d72cbd6b57dd08c1f1327c2416a503c4bb04bb7b776246eb02ca1b71918c443d57c21

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYan8Ns:qDdFJy3QMOtEvwDpjjWMl7Tdn86

    Score
    9/10
    upx

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks