General

  • Target

    2024-06-02_f5cb21d977d94c3e797cfaffdc7b4e5e_cryptolocker

  • Size

    51KB

  • Sample

    240602-ffzd9acb86

  • MD5

    f5cb21d977d94c3e797cfaffdc7b4e5e

  • SHA1

    921324e2380fff3e2625bacd5c652e63025200af

  • SHA256

    1809d2cb7a90663d08c73ccfd0dac26cf0c4b6db30860aecc6c2d91ef06bac96

  • SHA512

    ea1122885b1cfeaa5d47dac4872088ce6c1770d61e634fd71cd8c917aca02ec57dd1b7840b07a3bfe6e7a9a7b1bd9e30ff025de951ea110e76184b4f7415d0a3

  • SSDEEP

    768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MocCP:qmbhXDmjr5MOtEvwDpj5cDtKkQZQFkq

Score
10/10
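Before detonating or sharing a file that is supposed to be this sample, confirm it is the one the report describes. The following is an added example, not part of the report or of the sandbox's code: it recomputes the four digests listed above with the Python standard library and unpacks the SSDEEP string into its parts (block size, chunk, double-block chunk). The expected values are copied from the General section; fuzzy comparison of two SSDEEP values needs the ssdeep library and is not attempted here.

```python
"""Added example (not from the report): pin a file to the identifiers listed
above and decompose its SSDEEP signature.  Standard library only; the expected
digests are copied from the report's General section.
"""
import hashlib
import hmac

DIGESTS = ("md5", "sha1", "sha256", "sha512")

# Values as listed in the report.
REPORTED = {
    "md5": "f5cb21d977d94c3e797cfaffdc7b4e5e",
    "sha1": "921324e2380fff3e2625bacd5c652e63025200af",
    "sha256": "1809d2cb7a90663d08c73ccfd0dac26cf0c4b6db30860aecc6c2d91ef06bac96",
    "sha512": "ea1122885b1cfeaa5d47dac4872088ce6c1770d61e634fd71cd8c917aca02ec57dd1b7840b07a3bfe6e7a9a7b1bd9e30ff025de951ea110e76184b4f7415d0a3",
}
REPORTED_SSDEEP = "768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MocCP:qmbhXDmjr5MOtEvwDpj5cDtKkQZQFkq"


def digests(data: bytes) -> dict:
    """Hex digests of the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in DIGESTS}


def verify_sample(data: bytes, expected: dict = REPORTED) -> dict:
    """Per-algorithm match result against the expected hex digests.

    compare_digest is used so a mismatch does not leak its position through
    timing; irrelevant for a local file check, but it is the habit to keep.
    """
    actual = digests(data)
    return {name: hmac.compare_digest(actual[name], expected[name].lower())
            for name in expected}


def is_reported_sample(data: bytes, expected: dict = REPORTED) -> bool:
    """True only if every listed digest matches.

    MD5 and SHA1 are kept because other feeds still index on them, but a
    decision should not rest on them alone: chosen-prefix collisions exist for
    both, so SHA-256 (or SHA-512) is what actually pins the file.
    """
    return all(verify_sample(data, expected).values())


def parse_ssdeep(sig: str):
    """Split 'blocksize:chunk:doublechunk[,"name"]' into (int, str, str).

    The first chunk is computed with the block size, the second with twice it,
    so two signatures are only comparable when their block sizes are equal or
    differ by a factor of two.  A chunk is at most 64 characters long.
    """
    sig = sig.split(",", 1)[0]          # drop the optional quoted filename
    block_size, chunk, double_chunk = sig.split(":", 2)
    return int(block_size), chunk, double_chunk


def ssdeep_block_size_ok(block_size: int) -> bool:
    """ssdeep block sizes are 3 * 2**n; the report's 768 is 3 * 2**8."""
    q, r = divmod(block_size, 3)
    return r == 0 and q > 0 and (q & (q - 1)) == 0


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    if path:
        with open(path, "rb") as fh:
            blob = fh.read()
        for algo, ok in verify_sample(blob).items():
            print(f"{algo:7s} {'match' if ok else 'MISMATCH'}")
        print("is reported sample:", is_reported_sample(blob))
    bs, c1, c2 = parse_ssdeep(REPORTED_SSDEEP)
    print(f"ssdeep block size {bs} (valid: {ssdeep_block_size_ok(bs)}), "
          f"chunk lengths {len(c1)} and {len(c2)}")
```

Run it with the suspected file as the only argument; the size shown in the report (51KB) is rounded, so the digests, not the byte count, are what decide.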

Malware Config

Targets

    • Target

      2024-06-02_f5cb21d977d94c3e797cfaffdc7b4e5e_cryptolocker

    • Size

      51KB

    (MD5, SHA1, SHA256, SHA512 and SSDEEP are identical to the General section above.)

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL
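The last three behaviours above are the kind of signature a sandbox derives from a process's event trace rather than from the binary itself. The following is an added example, not the sandbox's own rule logic: a small matcher that raises "Checks computer location settings", "Executes dropped EXE" and "Loads dropped DLL" over a constructed event stream. Two things are assumptions: the `pid|kind|path` line format is invented for this example, and the registry keys in `GEO_KEYS` are what I assume the location-settings rule looks for (Windows keeps the user's configured GeoID under `HKCU\Control Panel\International\Geo`). The family and UPX detections need the unpacked image and are not covered.

```python
"""Added example (not the sandbox's rule code): toy matcher for three of the
behaviour signatures listed in the report, run over a constructed event trace.

Assumptions: the 'pid|kind|path' event format is invented for this example,
and GEO_KEYS is an assumed list of registry locations a location-settings rule
would watch (Windows stores the user's GeoID under
HKCU\\Control Panel\\International\\Geo).
"""
from collections import defaultdict

# Assumed registry locations for the configured country (GeoID and ISO name).
GEO_KEYS = (
    r"hkcu\control panel\international\geo\nation",
    r"hkcu\control panel\international\geo\name",
)
EXE_SUFFIXES = (".exe", ".scr", ".com")
DLL_SUFFIXES = (".dll", ".ocx", ".cpl")

# Constructed trace for illustration; not a capture from the real sample.
SAMPLE_EVENTS = [
    r"1001|regquery|HKCU\Control Panel\International\Geo\Nation",
    r"1001|filewrite|C:\Users\user\AppData\Local\Temp\svchost.exe",
    r"1001|filewrite|C:\Users\user\AppData\Local\Temp\helper.dll",
    r"1001|procstart|C:\Users\user\AppData\Local\Temp\svchost.exe",
    r"2002|imageload|C:\Windows\System32\kernel32.dll",
    r"2002|imageload|C:\Users\user\AppData\Local\Temp\helper.dll",
]


def norm(path: str) -> str:
    """Case-fold and unify separators so a dropped path and a later
    execute/load of the same file compare equal."""
    return path.replace("/", "\\").lower()


def match_signatures(events):
    """Return {signature_name: [evidence lines]} for the three behaviours.

    Order matters: a file only counts as 'dropped' if a monitored process
    wrote it before it was executed or loaded, which is why a load of a
    pre-existing system DLL (kernel32.dll in the sample) is not flagged.
    """
    hits = defaultdict(list)
    dropped = set()
    for line in events:
        pid, kind, path = line.split("|", 2)
        p = norm(path)
        if kind == "regquery" and p.startswith(GEO_KEYS):
            hits["Checks computer location settings"].append(line)
        elif kind == "filewrite":
            dropped.add(p)
        elif kind == "procstart" and p in dropped and p.endswith(EXE_SUFFIXES):
            hits["Executes dropped EXE"].append(line)
        elif kind == "imageload" and p in dropped and p.endswith(DLL_SUFFIXES):
            hits["Loads dropped DLL"].append(line)
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in match_signatures(SAMPLE_EVENTS).items():
        print(name)
        for e in evidence:
            print("   ", e)
```

The matcher is deliberately strict about ordering: a load of a library that already existed on disk is not a "dropped DLL", and a registry read only counts when the key sits under the assumed Geo path, so a benign locale lookup elsewhere under `Control Panel\International` does not fire.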

MITRE ATT&CK Enterprise v15

Tasks