General

  • Target

    2024-06-02_e80a80e162ea79c8e840116b86aa6c6c_cryptolocker

  • Size

    66KB

  • Sample

    240602-fe24racb44

  • MD5

    e80a80e162ea79c8e840116b86aa6c6c

  • SHA1

    767d0561ef480ca185a5f9319eb451d6eb547cac

  • SHA256

    49623aa82788072a4ba056d14d9fb201004d07268c09e174bcda3ac6bfbba270

  • SHA512

    090eb5f163efbd6fbd5dffed39e1b7c17d88e78f638ed6e11f956c1e90c1d8280724f1170169bc617e40ed6c982c1278e27f6455c80643f73172fe67fec4b029

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xDyfy:1nK6a+qdOOtEvwDpjd

Score
10/10
upx

Targets

    • Target

      2024-06-02_e80a80e162ea79c8e840116b86aa6c6c_cryptolocker

    • Size

      66KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
