General

  • Target

    2024-06-03_8642c955158c4c44c0c2d79a8b645e0b_cryptolocker

  • Size

    40KB

  • Sample

    240603-jg9hdsgc5t

  • MD5

    8642c955158c4c44c0c2d79a8b645e0b

  • SHA1

    f095b5538e6656a2b55482814c5aa8fe087464d0

  • SHA256

    bdbf7652acec2418bd778662551459011869e091c1aa490325bc6e20508149df

  • SHA512

    c7b32bd0244f2b929676fb0b78aa6d3060c0246491d52859f7537bbfa2f7e5cb5b62f86762977b32917d38524f82a561b281d2dfcc0eab7d2ac3b29e10d7e705

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYs:qDdFJy3QMOtEvwDpjjWMl7TB

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-03_8642c955158c4c44c0c2d79a8b645e0b_cryptolocker

    • Size

      40KB

    • MD5

      8642c955158c4c44c0c2d79a8b645e0b

    • SHA1

      f095b5538e6656a2b55482814c5aa8fe087464d0

    • SHA256

      bdbf7652acec2418bd778662551459011869e091c1aa490325bc6e20508149df

    • SHA512

      c7b32bd0244f2b929676fb0b78aa6d3060c0246491d52859f7537bbfa2f7e5cb5b62f86762977b32917d38524f82a561b281d2dfcc0eab7d2ac3b29e10d7e705

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYs:qDdFJy3QMOtEvwDpjjWMl7TB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks