General

  • Target

    de97a661c9f5f1adf8a5037413942891a03d3f1ab17f1061cd5f9c11cff6233a

  • Size

    40KB

  • Sample

    240524-ewty2ach56

  • MD5

    69b0e140655d4b7b9f1567076bc7f377

  • SHA1

    a95b0245821e0631dd2e011a16ef82b79d219f2b

  • SHA256

    de97a661c9f5f1adf8a5037413942891a03d3f1ab17f1061cd5f9c11cff6233a

  • SHA512

    787c8f023578309a1f6d27bb7b0d4a646962f99c552e9998ddc19ec1d6cbb15c756b9b2abf932e21766f455db260debb3b16c853e25825f49acbe20066a0d33e

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYoX:qDdFJy3QMOtEvwDpjjWMl7TlX

Score: 10/10
upx

Malware Config

Targets

    • Target

      de97a661c9f5f1adf8a5037413942891a03d3f1ab17f1061cd5f9c11cff6233a

    Score: 9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2
