General

  • Target

    2024-01-26_d29462da30c9f9abc36855fa3a5d85c4_cryptolocker

  • Size

    62KB

  • Sample

    240126-nsjtbscfg4

  • MD5

    d29462da30c9f9abc36855fa3a5d85c4

  • SHA1

    d12600e1a109a5a4833bdd60c7806feedd01c7bd

  • SHA256

    d9e6e4255519a9a4e2e0d9d1639fd9d10e912e0391c6b901b23a93f002429995

  • SHA512

    1b80499b6a6b7be09ea91cdec1e50893c3304419d2405bf44ec3604518de91a147053fd00f91f2ff2b84a58d77a71b191fcc0bb82f67aab537dc452f8b84052d

  • SSDEEP

    768:zQz7yVEhs9+syJP6ntOOtEvwDpjFelaB7yBEY9Su8F5mLZ5K7S:zj+soPSMOtEvwDpj4kpmeLm5

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-01-26_d29462da30c9f9abc36855fa3a5d85c4_cryptolocker

    • Size

      62KB

    • MD5

      d29462da30c9f9abc36855fa3a5d85c4

    • SHA1

      d12600e1a109a5a4833bdd60c7806feedd01c7bd

    • SHA256

      d9e6e4255519a9a4e2e0d9d1639fd9d10e912e0391c6b901b23a93f002429995

    • SHA512

      1b80499b6a6b7be09ea91cdec1e50893c3304419d2405bf44ec3604518de91a147053fd00f91f2ff2b84a58d77a71b191fcc0bb82f67aab537dc452f8b84052d

    • SSDEEP

      768:zQz7yVEhs9+syJP6ntOOtEvwDpjFelaB7yBEY9Su8F5mLZ5K7S:zj+soPSMOtEvwDpj4kpmeLm5

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check that decides whether to run on this machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer, including builds whose section names or stub have been modified.
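    The "UPX packed file" signature above is a static check on the PE layout. The following is an added example, not Triage's rule and not code from the sample: it parses the PE section table directly and flags the three things a triage analyst looks for, the stock UPX0/UPX1 section names, the "UPX!" marker the stub leaves behind, and the structural shape that survives when both have been scrubbed (a first section with no raw data that the stub unpacks into, the entry point inside a second, high-entropy section). The 7.0-bit entropy threshold and the minimal PE images built by build_sample_pe are assumptions constructed for this example, not real binaries or measured values.

```python
import hashlib
import math
import struct


def _entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty or constant data, 8.0 for uniform)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes):
    """Return (AddressOfEntryPoint, [(name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData)])."""
    if pe[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections, = struct.unpack_from("<H", pe, coff + 2)     # COFF NumberOfSections
    size_opt, = struct.unpack_from("<H", pe, coff + 16)        # COFF SizeOfOptionalHeader
    opt = coff + 20
    entry_rva, = struct.unpack_from("<I", pe, opt + 16)        # AddressOfEntryPoint (same offset in PE32/PE32+)
    table = opt + size_opt
    sections = []
    for i in range(num_sections):
        off = table + 40 * i
        name = pe[off:off + 8].rstrip(b"\0").decode("latin-1")
        vsize, vaddr, rsize, rptr = struct.unpack_from("<IIII", pe, off + 8)
        sections.append((name, vsize, vaddr, rsize, rptr))
    return entry_rva, sections


def upx_indicators(pe: bytes) -> dict:
    """Three independent UPX indicators; 'packed' is true if any one of them fires."""
    entry_rva, sections = parse_sections(pe)
    stock_names = any(s[0].startswith("UPX") for s in sections)
    magic = b"UPX!" in pe
    # Layout heuristic for renamed/modified UPX: section 0 is an empty placeholder (raw size 0,
    # non-zero virtual size) that the stub decompresses into, and the entry point sits in
    # section 1, which carries the compressed payload plus stub and is therefore high entropy.
    layout = False
    if len(sections) >= 2:
        first, second = sections[0], sections[1]
        ep_in_second = second[2] <= entry_rva < second[2] + max(second[1], second[3])
        payload = pe[second[4]:second[4] + second[3]]
        layout = first[3] == 0 and first[1] > 0 and ep_in_second and _entropy(payload) > 7.0  # assumed threshold
    return {"stock_names": stock_names, "magic": magic, "layout": layout,
            "packed": stock_names or magic or layout}


def build_sample_pe(specs, entry_rva: int) -> bytes:
    """Constructed minimal PE32 image (DOS stub, headers, section table, raw data); not loadable.
    specs: list of (name, VirtualSize, VirtualAddress, raw_bytes). FileAlignment is 0x200."""
    e_lfanew, size_opt = 0x40, 0xE0
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(specs), 0, 0, 0, size_opt, 0x102)
    opt = bytearray(size_opt)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 16, entry_rva)   # AddressOfEntryPoint
    header_len = len(dos) + 4 + len(coff) + size_opt + 40 * len(specs)
    raw_base = (header_len + 0x1FF) & ~0x1FF
    table, body = b"", b""
    for name, vsize, vaddr, data in specs:
        rsize = len(data)
        rptr = raw_base + len(body) if rsize else 0
        body += data.ljust((rsize + 0x1FF) & ~0x1FF, b"\0")
        table += name.encode().ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", vsize, vaddr, rsize, rptr, 0, 0, 0, 0, 0xE0000040)
    image = dos + b"PE\0\0" + coff + bytes(opt) + table
    return image.ljust(raw_base, b"\0") + body


# Constructed inputs. The "compressed" payload is a deterministic pseudo-random stream standing in
# for real UPX output; the benign image has ordinary sections with low-entropy contents.
_PAYLOAD = b"".join(hashlib.sha256(i.to_bytes(4, "little")).digest() for i in range(128))
SAMPLE_STOCK = build_sample_pe([("UPX0", 0x10000, 0x1000, b""), ("UPX1", len(_PAYLOAD), 0x11000, _PAYLOAD)], 0x11100)
SAMPLE_RENAMED = build_sample_pe([(".text", 0x10000, 0x1000, b""), (".rdata", len(_PAYLOAD), 0x11000, _PAYLOAD)], 0x11100)
SAMPLE_BENIGN = build_sample_pe([(".text", 0x800, 0x1000, b"\x55\x8b\xec\x90" * 200), (".data", 0x200, 0x2000, b"A" * 200)], 0x1010)

if __name__ == "__main__":
    for label, img in (("stock UPX", SAMPLE_STOCK), ("renamed sections", SAMPLE_RENAMED), ("benign", SAMPLE_BENIGN)):
        print(label, upx_indicators(img))
```

The three indicators are deliberately reported separately: a hit on stock_names or magic alone is cheap to fake or to strip, while the layout check is what a rule has to rely on when the packer has been "modified" as the signature text says, so a detection that reports only a boolean loses the evidence an analyst needs to explain the verdict.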

MITRE ATT&CK Enterprise v15

Tasks