General

  • Target: dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d
  • Size: 39KB
  • Sample: 240524-etkbtacg7t
  • MD5: 820ac1958f78f9b7d0f517548553da87
  • SHA1: 3f67a90ad07818ff3c05befb21e0e7828bbdde57
  • SHA256: dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d
  • SHA512: 369cbec5abf5ac1bb9cd0d01b20c91af3cce307235f2ad9a0da663834a15b994405151d918f4f48c37edb2001f28c89f2b3d677e007358108bea46f183678b44
  • SSDEEP: 768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY/q:qDdFJy3QMOtEvwDpjjWMl7Tb

Score: 10/10
upx

Malware Config

Targets

    • Target: dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d
    • Size: 39KB
    • MD5: 820ac1958f78f9b7d0f517548553da87
    • SHA1: 3f67a90ad07818ff3c05befb21e0e7828bbdde57
    • SHA256: dd32a8393e24c67342c2ecf3c539caa7924654ebe67bde08db4fb5ea1e082f1d
    • SHA512: 369cbec5abf5ac1bb9cd0d01b20c91af3cce307235f2ad9a0da663834a15b994405151d918f4f48c37edb2001f28c89f2b3d677e007358108bea46f183678b44
    • SSDEEP: 768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY/q:qDdFJy3QMOtEvwDpjjWMl7Tb

    Score: 9/10

    • Detection of CryptoLocker Variants
    • Detection of Cryptolocker Samples
    • UPX dump on OEP (original entry point)
    • Checks computer location settings
      Looks up the country code configured in the registry, likely a geofence.
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file
      Detects executables packed with UPX or a modified build of the UPX open source packer.

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery
  • Query Registry (T1012): 1
  • System Information Discovery (T1082): 2

Tasks