General

  • Target

    2024-06-01_909f14ee92ecc2fe37d4649b27d5b0b0_cryptolocker

  • Size

    89KB

  • Sample

    240601-yx89wsed92

  • MD5

    909f14ee92ecc2fe37d4649b27d5b0b0

  • SHA1

    de5498f601d014b8a86227bdb576d3b146653529

  • SHA256

    af9236f61f54ea6d759d58a4cb4ef584850ecbb7b3dce406cddb675d0cd10226

  • SHA512

    8af6499cbf61adb0cbfbbc2c2fe7f7159d93c72c42d9808940a5126d889d215c9c2ce538c5562b85d2b40fbcdd05c1e23f589e999e7f4e0ac7b09fc2304dc8ef

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgi7:AnBdOOtEvwDpj6zw

Score
10/10
upx

Malware Config

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks