General

  • Target

    2024-05-24_f85f8aed872b9d76f6e2f7d13fdc4efd_cryptolocker

  • Size

    64KB

  • Sample

    240524-etpljacg7z

  • MD5

    f85f8aed872b9d76f6e2f7d13fdc4efd

  • SHA1

    1b4a3e25ab17d8c94012a56f9e141075deb60f98

  • SHA256

    40792b9e867a73eccb2a5dd7b069608c1b33c31755ee310b0b27f6f13e214b62

  • SHA512

    abb5390c5bf3e90cb5082d3416194818da6169ddf4f6532c291978c263cd447d8891a3af1f6b7381cba05429330d4d4288b8ef5e562092a1f62c37c9138b9826

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xK:1nK6a+qdOOtEvwDpjA

Score: 10/10 (upx)

Malware Config

Targets

    • Target

      2024-05-24_f85f8aed872b9d76f6e2f7d13fdc4efd_cryptolocker

    Score: 9/10

    Signatures
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Discovery

    Query Registry (T1012): 1
    System Information Discovery (T1082): 2

Tasks