General

  • Target

    2024-05-27_32616c570c3169fc3113456718973c44_cryptolocker

  • Size

    71KB

  • Sample

    240527-w213zaec48

  • MD5

    32616c570c3169fc3113456718973c44

  • SHA1

    3cc27e015f2c311fa151418361ea5f111783fee4

  • SHA256

    58fc3db100642b8e2ee9a72294326f86eaa3fc79f92221a19f10ba5ef443b259

  • SHA512

    7390dc6c9583d8ce4b92748e5e08b764dc3a1bdad4652d7b5f1fec85ac84ef9a87bfb5c838ff412ab4e676a6d1ecc6206373de04760763638c81681a4d056358

  • SSDEEP

    1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs95Ot:C4Q2c94OtEvwDpj4H8z/

Score
10/10
upx

Targets

    • Target

      2024-05-27_32616c570c3169fc3113456718973c44_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
