General

  • Target

    2024-05-31_005b57667220d756f935a34f449aa174_cryptolocker

  • Size

    91KB

  • Sample

    240531-stk51adb46

  • MD5

    005b57667220d756f935a34f449aa174

  • SHA1

    5ecf210b009da0af0db8bcbebc202e08bff8f0d7

  • SHA256

    a0671da0181bfba6c1548ad4005ff6fbef23595f47b1d9e26ca8b65adbe70b9b

  • SHA512

    423b2ddb3e768187319c63ef9560bb111ad780e781fe90c43c77e5a20622975c329acec686264b82f4db744a2e6235f05c2b43ce280078b8cf028b7ad8d9ac72

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgddH:AnBdOOtEvwDpj6zz

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-31_005b57667220d756f935a34f449aa174_cryptolocker

    • Size

      91KB

    • MD5

      005b57667220d756f935a34f449aa174

    • SHA1

      5ecf210b009da0af0db8bcbebc202e08bff8f0d7

    • SHA256

      a0671da0181bfba6c1548ad4005ff6fbef23595f47b1d9e26ca8b65adbe70b9b

    • SHA512

      423b2ddb3e768187319c63ef9560bb111ad780e781fe90c43c77e5a20622975c329acec686264b82f4db744a2e6235f05c2b43ce280078b8cf028b7ad8d9ac72

    • SSDEEP

      1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgddH:AnBdOOtEvwDpj6zz

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks