General

  • Target

    2024-05-31_ddf359278063badca90aee18786d74ff_cryptolocker

  • Size

    40KB

  • Sample

    240531-tgqqdsdd5t

  • MD5

    ddf359278063badca90aee18786d74ff

  • SHA1

    4407b2f71cab68632234470e8db4dcca59741322

  • SHA256

    a82fca5e2fd3c07cb3c3ea2db587b0d02143211c7b1e6fcc8979f1616d62c712

  • SHA512

    dd6840aed680f0c24de55c49d647a1a0e39fa81274fb8875ae4878c368327a05a0854e4039bf0de8beb204e5ad0dc44037c352c14dc35cd095146971db53d97d

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYA:qDdFJy3QMOtEvwDpjjWMl7T9

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-31_ddf359278063badca90aee18786d74ff_cryptolocker

    • Size

      40KB

    • MD5

      ddf359278063badca90aee18786d74ff

    • SHA1

      4407b2f71cab68632234470e8db4dcca59741322

    • SHA256

      a82fca5e2fd3c07cb3c3ea2db587b0d02143211c7b1e6fcc8979f1616d62c712

    • SHA512

      dd6840aed680f0c24de55c49d647a1a0e39fa81274fb8875ae4878c368327a05a0854e4039bf0de8beb204e5ad0dc44037c352c14dc35cd095146971db53d97d

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYA:qDdFJy3QMOtEvwDpjjWMl7T9

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks