General

  • Target

    2024-05-27_3eed62ab5b309e077a6fd6161a27caa3_cryptolocker

  • Size

    40KB

  • Sample

    240527-w3prbsec73

  • MD5

    3eed62ab5b309e077a6fd6161a27caa3

  • SHA1

    eee9c5b1e472200a62f9936e9ee11bae14e1391c

  • SHA256

    f7921d5b497c54ade3c82381df4d163e5a20cfaf9ff60d938edd92815d361031

  • SHA512

    d177aa598c2a93633c01d746df86f72b48638b1935c4ef8a290bd56a531a7cbe26a985d9a2f0e14fe6dd927329a738eb1d47d5b3e1124d30f72126d5fc790f8a

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYan/MCx:qDdFJy3QMOtEvwDpjjWMl7Tdn/B

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-27_3eed62ab5b309e077a6fd6161a27caa3_cryptolocker

    • Size

      40KB

    • MD5

      3eed62ab5b309e077a6fd6161a27caa3

    • SHA1

      eee9c5b1e472200a62f9936e9ee11bae14e1391c

    • SHA256

      f7921d5b497c54ade3c82381df4d163e5a20cfaf9ff60d938edd92815d361031

    • SHA512

      d177aa598c2a93633c01d746df86f72b48638b1935c4ef8a290bd56a531a7cbe26a985d9a2f0e14fe6dd927329a738eb1d47d5b3e1124d30f72126d5fc790f8a

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYan/MCx:qDdFJy3QMOtEvwDpjjWMl7Tdn/B

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks