General

  • Target

    2024-06-01_a4e3bedbf3fb413d5ec57d7235ff3fdc_cryptolocker

  • Size

    66KB

  • Sample

    240601-y2bt7adg61

  • MD5

    a4e3bedbf3fb413d5ec57d7235ff3fdc

  • SHA1

    560d1fb71a481a47da47c660973a52f12276cff1

  • SHA256

    5d1ad4fbf998014541f64d2707ac9c7266fffc571ac76c063330771b4853f0da

  • SHA512

    da4c0e4c648b21208731984bae8f1b595087b2c974b0645b20e82722ebcf4aa10494a7e402e165931aee8869589d0e90c73dad94d5d7759331ada2b29f4a69a9

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xDyfE:1nK6a+qdOOtEvwDpjP

Score
10/10
upx

Targets

    • Target

      2024-06-01_a4e3bedbf3fb413d5ec57d7235ff3fdc_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
