General

  • Target

    2024-05-25_37e6dacc7f55c19bc59ca1a4939982e3_cryptolocker

  • Size

    52KB

  • Sample

    240525-ava3bagc3t

  • MD5

    37e6dacc7f55c19bc59ca1a4939982e3

  • SHA1

    1246acae82ca31edaa6808de1a02aff5fc2a5a54

  • SHA256

    0a6d4c69520fe1bb4f3afb7afeb4f434a0a00e1a560cd85e9d65f6dfd8a13a20

  • SHA512

    e48f5aaf06b068c3610b3d4af58051df3b92652948c35a140c29b1d6286d725a1ac453a3d83899c2fa7fb4ddaa17d5afb490de236c5ccaf243b49c583245f52a

  • SSDEEP

    768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOXu:bODOw9acifAoc+v2u

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-25_37e6dacc7f55c19bc59ca1a4939982e3_cryptolocker

    • Size

      52KB

    • MD5

      37e6dacc7f55c19bc59ca1a4939982e3

    • SHA1

      1246acae82ca31edaa6808de1a02aff5fc2a5a54

    • SHA256

      0a6d4c69520fe1bb4f3afb7afeb4f434a0a00e1a560cd85e9d65f6dfd8a13a20

    • SHA512

      e48f5aaf06b068c3610b3d4af58051df3b92652948c35a140c29b1d6286d725a1ac453a3d83899c2fa7fb4ddaa17d5afb490de236c5ccaf243b49c583245f52a

    • SSDEEP

      768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOXu:bODOw9acifAoc+v2u

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks