General

  • Target

    2024-06-02_cac1672c946e539e97367cf14bd5fb4e_cryptolocker

  • Size

    60KB

  • Sample

    240602-f5mrracd8z

  • MD5

    cac1672c946e539e97367cf14bd5fb4e

  • SHA1

    d46758cbe1ac520bca95d4b99c0d2c9a7650bb34

  • SHA256

    44a60550e7634bd6e7d06784f725d064eca35c6a77ef187e391a403f043139e4

  • SHA512

    c00e0cfd398fc0b1f95eff2464603720cfcd871baa573dafc1c944028cf1333082097a03af3cb0852a2919aeea22d52a4dbc644fb7ab7b91c456df5a84959e3c

  • SSDEEP

    768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAPjQ:H6QFElP6n+gou9cvMOtEvwDpjCpVXl

Score
10/10
upx

Targets

    • Target

      2024-06-02_cac1672c946e539e97367cf14bd5fb4e_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
