General

  • Target

    2024-04-24_d3ff08fd192e342ee350bfd8d8da5270_cryptolocker

  • Size

    38KB

  • Sample

    240424-fc6n6afa82

  • MD5

    d3ff08fd192e342ee350bfd8d8da5270

  • SHA1

    3a1dd5019eb77d4bbd94d7657bdaead74ae4e56b

  • SHA256

    a8af1ab2c8b1f438ccbfff89f08860f4f705da36cc247fb9eb1b5bccf4c1c2fc

  • SHA512

    b2b5b8c5f5e6d8086e0b28ffe54439dfb0cfac89dead72c82a83a3e42da020c0483bb64c26a596120972a0ee1eeab95fa19605484987039a1ab99f29be30cff4

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY91:qDdFJy3QMOtEvwDpjjWMl7T+

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-04-24_d3ff08fd192e342ee350bfd8d8da5270_cryptolocker

    • Size

      38KB

    • MD5

      d3ff08fd192e342ee350bfd8d8da5270

    • SHA1

      3a1dd5019eb77d4bbd94d7657bdaead74ae4e56b

    • SHA256

      a8af1ab2c8b1f438ccbfff89f08860f4f705da36cc247fb9eb1b5bccf4c1c2fc

    • SHA512

      b2b5b8c5f5e6d8086e0b28ffe54439dfb0cfac89dead72c82a83a3e42da020c0483bb64c26a596120972a0ee1eeab95fa19605484987039a1ab99f29be30cff4

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY91:qDdFJy3QMOtEvwDpjjWMl7T+

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks