General

  • Target

    2024-05-20_ef5c2253a927fd29b7850d5c7be75538_cryptolocker

  • Size

    39KB

  • Sample

    240520-2kscdsaa35

  • MD5

    ef5c2253a927fd29b7850d5c7be75538

  • SHA1

    a18ba1397394c8184a8fb54b7b05d0ecbed528c8

  • SHA256

    f5971f458df5ab5a358885d52c299036e5e5f0b5e8f15d8c4990cd65bacc8cc1

  • SHA512

    7f20d5b44b5c734d7d29c8d72bc022c3124b57e43a247cb24ffce6000de4116ca1f5b1906e35e0da9e85e80f4cad82db7fd324bd578168dcf1a6dbc46d337e62

  • SSDEEP

    768:qUmnjFom/kLyMro2GtOOtEvwDpjeMLam5axK3A4s:qUmnpomddpMOtEvwDpjjaYaQPs

Score
10/10
upx

Targets

    • Target

      2024-05-20_ef5c2253a927fd29b7850d5c7be75538_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
