General

  • Target

    2024-05-30_23b0adc2bf4e5418b45b4046ed664af3_cryptolocker

  • Size

    81KB

  • Sample

    240530-btpdzsad69

  • MD5

    23b0adc2bf4e5418b45b4046ed664af3

  • SHA1

    44a95f4131582a4df69f23582220d86450a9f90f

  • SHA256

    6ce68640c1247a856708e9d6a8cbf9ee949cb0d9ba10e0899d0f1f138cbc8b18

  • SHA512

    3c3983a4d70fb3e98d10a512d6843d415ad0dee1cc786d316a87da6ad4adedf90696533ccda033c835d5889497d7f5fddb598c155bcd4723f5886060bfd5b2c7

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7QeZ:zCsanOtEvwDpjo

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-30_23b0adc2bf4e5418b45b4046ed664af3_cryptolocker

    • Size

      81KB

    • MD5

      23b0adc2bf4e5418b45b4046ed664af3

    • SHA1

      44a95f4131582a4df69f23582220d86450a9f90f

    • SHA256

      6ce68640c1247a856708e9d6a8cbf9ee949cb0d9ba10e0899d0f1f138cbc8b18

    • SHA512

      3c3983a4d70fb3e98d10a512d6843d415ad0dee1cc786d316a87da6ad4adedf90696533ccda033c835d5889497d7f5fddb598c155bcd4723f5886060bfd5b2c7

    • SSDEEP

      1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7QeZ:zCsanOtEvwDpjo

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks