General

  • Target

    2024-05-14_e2607842fb88253c794f63dde6b81cb9_cryptolocker

  • Size

    77KB

  • Sample

    240514-ygxk6adb3s

  • MD5

    e2607842fb88253c794f63dde6b81cb9

  • SHA1

    a60816b1a6588443f0e9654887fbc9e72a4475b4

  • SHA256

    1fd34d52c81bb4fa87b8ad6f24abdf458a415dde3020423ec66248f518a53a58

  • SHA512

    e243137ee65ebfe8698272ca74a5207101a8cfe4b60e0d71ccf5dedc41c88f9869e0d557f7723855fc117982433cd4ee713f4b080b6b4ba78f77610ac0355047

  • SSDEEP

    1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdxPUxY:T6a+rdOOtEvwDpjNtHPn

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-14_e2607842fb88253c794f63dde6b81cb9_cryptolocker

    • Size

      77KB

    • MD5

      e2607842fb88253c794f63dde6b81cb9

    • SHA1

      a60816b1a6588443f0e9654887fbc9e72a4475b4

    • SHA256

      1fd34d52c81bb4fa87b8ad6f24abdf458a415dde3020423ec66248f518a53a58

    • SHA512

      e243137ee65ebfe8698272ca74a5207101a8cfe4b60e0d71ccf5dedc41c88f9869e0d557f7723855fc117982433cd4ee713f4b080b6b4ba78f77610ac0355047

    • SSDEEP

      1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdxPUxY:T6a+rdOOtEvwDpjNtHPn

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks