General

  • Target

    2024-05-24_f095049d64961aa4dc3f6baf3f5dd8db_cryptolocker

  • Size

    41KB

  • Sample

    240524-ess8bscg4y

  • MD5

    f095049d64961aa4dc3f6baf3f5dd8db

  • SHA1

    ca5576b66ebf50f1c80031ef3a27e05dafaba8a5

  • SHA256

    20368db0de3ead3d953c42ad998bc9d70e1e2d609b9450c64955c9a7cefd5caf

  • SHA512

    764db3456be48595a72da4621a4fb33d280c1e3ec16105e0fb1b56a19d79d84dc4a4b1d3c66221fcabc8f3e9721ce33a0ca1f9a1808b0f9982f3ad6e6c711c48

  • SSDEEP

    384:ba74uGLLQRcsdeQ72ngEr4K7YmE8j6CQYnrz1ZhdaXFXSCVQTLfjDpXqxKHs:ba74zYcgT/EkdCQgpwXFXSqQXfj0xKM

Score
10/10
upx

Malware Config

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks