General

  • Target

    2024-05-31_d5f510174c7419e437b1867e67495471_cryptolocker

  • Size

    53KB

  • Sample

    240531-taqrtadb3t

  • MD5

    d5f510174c7419e437b1867e67495471

  • SHA1

    307d69c3c2c07407515a3bbdebab28c8804f1eb4

  • SHA256

    90eb96c1d8c850e0b4623f6c0f6896db93df4160069d230c0013653f425020ce

  • SHA512

    69e4392d6aa6eadef78b1b8e49407ecb8c3bc7914b0dad6b97af6562e85b496e3f90e6164a9d690368191ef2bc32fc7937452182dea5206ff9cdff7eacc7f295

  • SSDEEP

    768:z6LsoEEeegiZPvEhHSG+gzum/kLyMro2GtOOtEvwDpj/YY1J+OTOs:z6QFElP6n+gKmddpMOtEvwDpj31is

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-31_d5f510174c7419e437b1867e67495471_cryptolocker

    • Size

      53KB

    • MD5

      d5f510174c7419e437b1867e67495471

    • SHA1

      307d69c3c2c07407515a3bbdebab28c8804f1eb4

    • SHA256

      90eb96c1d8c850e0b4623f6c0f6896db93df4160069d230c0013653f425020ce

    • SHA512

      69e4392d6aa6eadef78b1b8e49407ecb8c3bc7914b0dad6b97af6562e85b496e3f90e6164a9d690368191ef2bc32fc7937452182dea5206ff9cdff7eacc7f295

    • SSDEEP

      768:z6LsoEEeegiZPvEhHSG+gzum/kLyMro2GtOOtEvwDpj/YY1J+OTOs:z6QFElP6n+gKmddpMOtEvwDpj31is

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks