General

  • Target

    2024-05-25_6a03c66b01a30f7de5876164e037a7c5_cryptolocker

  • Size

    91KB

  • Sample

    240525-a2fw5sge4v

  • MD5

    6a03c66b01a30f7de5876164e037a7c5

  • SHA1

    4f72b0855d58a424343c06a867e819104e0e5791

  • SHA256

    a39a06ed1a36ac2c2f9fcec786a4b540aac4440a1cd5e30ecb2474a0a83744c6

  • SHA512

    53e96db6bd0c9f4275be1fe7c957c9ff27335446e2dec2b74acf4c1742b5df1b32d243a37ba7fae014c9ddea8caa594e6927ee8dfc4634dc2ec69346dddbaf27

  • SSDEEP

    1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/D2:n6a+1SEOtEvwDpjYYvQd2Px

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-25_6a03c66b01a30f7de5876164e037a7c5_cryptolocker

    • Size

      91KB

    • MD5

      6a03c66b01a30f7de5876164e037a7c5

    • SHA1

      4f72b0855d58a424343c06a867e819104e0e5791

    • SHA256

      a39a06ed1a36ac2c2f9fcec786a4b540aac4440a1cd5e30ecb2474a0a83744c6

    • SHA512

      53e96db6bd0c9f4275be1fe7c957c9ff27335446e2dec2b74acf4c1742b5df1b32d243a37ba7fae014c9ddea8caa594e6927ee8dfc4634dc2ec69346dddbaf27

    • SSDEEP

      1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/D2:n6a+1SEOtEvwDpjYYvQd2Px

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks