General

  • Target

    2024-05-22_3cee615ffbeacb917401ab7e0d61bdf9_cryptolocker

  • Size

    40KB

  • Sample

    240522-3p6w1sde6z

  • MD5

    3cee615ffbeacb917401ab7e0d61bdf9

  • SHA1

    796fce07237370bca3e85fa244fcbc5e23bf9f6f

  • SHA256

    424b6e1409065821215064a25c331e476086c3fd28107a5be2984eee1e320b2d

  • SHA512

    4fa7c6c23dc03845643fc0c18ad8a6d0796fa13547d0759d9c08a353c1a32a8f9e3e542ef603d1f927d57e7c96f11ab2831f3d9dc43e004cfc2c3ca88d9c6a99

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaB0go:qDdFJy3QMOtEvwDpjjWMl7TdCgo

Score
10/10
upx

Targets

    • Target

      2024-05-22_3cee615ffbeacb917401ab7e0d61bdf9_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
