General

  • Target

    2024-05-22_2c71ada3c343219a0543048cb6e4e709_cryptolocker

  • Size

    40KB

  • Sample

    240522-b1a5yagd41

  • MD5

    2c71ada3c343219a0543048cb6e4e709

  • SHA1

    d33cfeddc3323ae5823bf23a59bd6e501ba6fd27

  • SHA256

    65c0a9fc5443682091d804236d2068791dda7fa90134494ec4cecef61044715f

  • SHA512

    e1ccf4ffae9c64d3c11389c8ae99e447f39086e572308d92045935f63b8a1879d8dc03851d7f2c9c1cc2066f39345ed2525871b4658f25bc1a0243b0b9601d8c

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBcK:qDdFJy3QMOtEvwDpjjWMl7TdB

Score
10/10
upx

Targets

    • Target

      2024-05-22_2c71ada3c343219a0543048cb6e4e709_cryptolocker

    • Size

      40KB

    • MD5

      2c71ada3c343219a0543048cb6e4e709

    • SHA1

      d33cfeddc3323ae5823bf23a59bd6e501ba6fd27

    • SHA256

      65c0a9fc5443682091d804236d2068791dda7fa90134494ec4cecef61044715f

    • SHA512

      e1ccf4ffae9c64d3c11389c8ae99e447f39086e572308d92045935f63b8a1879d8dc03851d7f2c9c1cc2066f39345ed2525871b4658f25bc1a0243b0b9601d8c

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBcK:qDdFJy3QMOtEvwDpjjWMl7TdB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
