General

  • Target

    2024-05-24_e85f1f2aeac2b6ce04ced360de489250_cryptolocker

  • Size

    73KB

  • Sample

    240524-ert38scf8y

  • MD5

    e85f1f2aeac2b6ce04ced360de489250

  • SHA1

    9d72ff1d1fa6a5b214bfd76ca410f79fb8d6f463

  • SHA256

    d531dbfd620cb0d8b743d99466da8d041c2d8b2a37e2880f81959da10446169e

  • SHA512

    6a5ef7dace4738c7b895b3f07b269cd1f40e9cec5b50d1d83911961f370bfb3c649bd7e7359027999695eb7432e4ea9529042d5a61beb01e46af8780c4828270

  • SSDEEP

    1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs95K:C4Q2c94OtEvwDpj4H8zR

Score
10/10
upx

Targets

    Score: 9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified variant of it.

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion

  • Subvert Trust Controls (T1553): 1

  • Install Root Certificate (T1553.004): 1

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2