General

  • Target

    2024-06-03_ed96f24e9d93e4d095d1b7d503f6def6_cryptolocker

  • Size

    56KB

  • Sample

    240603-jpnwnage2y

  • MD5

    ed96f24e9d93e4d095d1b7d503f6def6

  • SHA1

    491ee20f3e8aa715918032a31ca88614d107d10f

  • SHA256

    ec73a490a8adab3b93436b331a6077f523da9806919ccb00bb73c93d6cab4c52

  • SHA512

    59281563abced140e184be204c450524bf56b79285b6dc3f1b20be4de9a2c7035ac6f0621452bb4d567ab8f5725886454dde1aea4dab3ca31ebaf03bfb7e26f4

  • SSDEEP

    768:bP9g/WItCSsAfFaeOcfXVr3BPOz5CFBmNuFgUjlD:bP9g/xtCS3Dxx0A

Score
10/10
upx
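The `upx` tag (and the "UPX packed file" signature in the target section) comes from static inspection of the PE. The script below is an added example, not part of this sandbox report or of any real sample: it parses the PE section table with the standard library and reports the two static UPX tells, the stock `UPX0`/`UPX1` section names and, for renamed ("modified UPX") builds, the layout of an empty first section followed by a high-entropy packed one. The three PE images it checks are constructed in the script itself (parseable, not loadable); the 7.0 bits/byte entropy threshold is a heuristic chosen here.

```python
"""Static UPX check for a PE file: parse the section table and look for the
stock UPX0/UPX1 section names, or for the classic UPX layout of an empty
first section followed by a high-entropy packed section (what a renamed,
"modified UPX" build leaves behind). Added example; stdlib only."""
import hashlib
import math
import struct

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}


def pe_sections(data: bytes):
    """Yield (name, virtual_size, raw_size, raw_ptr) for every section header."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                     # IMAGE_FILE_HEADER (20 bytes)
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size            # section table follows the optional header
    for i in range(num_sections):
        off = table + i * 40                # IMAGE_SECTION_HEADER is 40 bytes
        name = data[off:off + 8].rstrip(b"\0")
        vsize, _vaddr, rsize, rptr = struct.unpack_from("<IIII", data, off + 8)
        yield name, vsize, rsize, rptr


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte; compressed or encrypted data sits close to 8.0."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def upx_indicators(data: bytes) -> dict:
    """Collect the UPX evidence: known names, empty first section, packed section."""
    secs = list(pe_sections(data))
    hits = {
        "upx_section_names": [s[0].decode("latin-1") for s in secs if s[0] in UPX_SECTION_NAMES],
        # UPX0 is the unpack destination: large VirtualSize, zero SizeOfRawData.
        "empty_first_section": bool(secs) and secs[0][2] == 0 and secs[0][1] > 0,
        "high_entropy_section": any(
            rsize >= 256 and shannon_entropy(data[rptr:rptr + rsize]) > 7.0
            for _name, _vsize, rsize, rptr in secs
        ),
    }
    hits["likely_upx"] = bool(hits["upx_section_names"]) or (
        hits["empty_first_section"] and hits["high_entropy_section"]
    )
    return hits


def build_sample_pe(sections) -> bytes:
    """Constructed, parseable (not loadable) PE32 image for the demo.
    sections: list of (name, virtual_size, raw_bytes)."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)   # PE32 magic
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0102)
    hdr_end = e_lfanew + 4 + len(coff) + len(opt) + 40 * len(sections)
    raw_base = (hdr_end + 0x1FF) & ~0x1FF   # 512-byte file alignment
    table, blobs, vaddr = bytearray(), bytearray(), 0x1000
    for name, vsize, raw in sections:
        rptr = raw_base + len(blobs) if raw else 0
        table += name.ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", vsize, vaddr, len(raw), rptr, 0, 0, 0, 0, 0xE0000040)
        blobs += raw.ljust((len(raw) + 0x1FF) & ~0x1FF, b"\0")
        vaddr += (vsize + 0xFFF) & ~0xFFF
    image = (dos + b"PE\0\0" + coff + opt + table).ljust(raw_base, b"\0") + blobs
    return bytes(image)


def demo_samples() -> dict:
    """Three constructed images: stock UPX names, renamed (modified) UPX, unpacked."""
    packed = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))  # deterministic high-entropy filler
    return {
        "stock_upx": build_sample_pe([(b"UPX0", 0x10000, b""), (b"UPX1", 0x5000, packed),
                                      (b".rsrc", 0x1000, b"\0" * 512)]),
        "renamed_upx": build_sample_pe([(b".text", 0x10000, b""), (b".data", 0x5000, packed)]),
        "unpacked": build_sample_pe([(b".text", 0x1000, b"\x90" * 1024), (b".data", 0x200, b"A" * 256)]),
    }


if __name__ == "__main__":
    for label, image in demo_samples().items():
        print(f"{label:12s} {upx_indicators(image)}")
```

Section names are trivially renamed and a legitimately compressed resource section also scores high on entropy, so treat `likely_upx` as a triage hint rather than a verdict. A renamed or header-patched build also defeats `upx -d`, which is why the dynamic "UPX dump on OEP" below (letting the stub unpack in memory and dumping at the original entry point) is the reliable way to get at the real payload.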

Malware Config

Targets

    • Target

      2024-06-03_ed96f24e9d93e4d095d1b7d503f6def6_cryptolocker

    • Size

      56KB

    • MD5

      ed96f24e9d93e4d095d1b7d503f6def6

    • SHA1

      491ee20f3e8aa715918032a31ca88614d107d10f

    • SHA256

      ec73a490a8adab3b93436b331a6077f523da9806919ccb00bb73c93d6cab4c52

    • SHA512

      59281563abced140e184be204c450524bf56b79285b6dc3f1b20be4de9a2c7035ac6f0621452bb4d567ab8f5725886454dde1aea4dab3ca31ebaf03bfb7e26f4

    • SSDEEP

      768:bP9g/WItCSsAfFaeOcfXVr3BPOz5CFBmNuFgUjlD:bP9g/xtCS3Dxx0A

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check used to decide whether to run on this machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.
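The "Checks computer location settings" signature is triggered by registry reads of the machine's configured country and locale. The script below is an added example, not part of this report or of the sandbox's own rule set: it scans Procmon-style registry events for such reads and groups them per process. The log lines are constructed for the demo, the registry paths are the usual Windows locations for this data (assumed here, not taken from the report), and the GEOID-to-country table is a deliberately partial stand-in.

```python
"""Detection logic for the "Checks computer location settings" behaviour:
scan Procmon-style registry events for reads of the values that encode the
machine's configured country/locale, and group them per process. Added
example with constructed log lines; the key paths are the usual Windows
locations, assumed here rather than taken from the report."""
import csv
import io
import re
from collections import defaultdict

# Registry values a geofence check typically reads (assumed for this example).
GEO_VALUE_PATTERNS = [
    re.compile(r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.I),
    re.compile(r"\\Control Panel\\International\\(LocaleName|sCountry|iCountry)$", re.I),
    re.compile(r"\\Control\\Nls\\Language\\(Default|InstallLanguage)$", re.I),
]
READ_OPERATIONS = {"RegQueryValue"}
DATA_RE = re.compile(r"Data: (.+)$")
# Partial GEOID table (Geo\Nation stores a decimal GEOID); enough for the demo.
GEOID_NAMES = {"244": "United States", "203": "Russia", "242": "United Kingdom"}

# Constructed Procmon CSV export (not real telemetry from the sample).
SAMPLE_EVENTS = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"12:00:01.0001","sample.exe","4120","RegOpenKey","HKCU\Control Panel\International\Geo","SUCCESS","Desired Access: Read"
"12:00:01.0002","sample.exe","4120","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"12:00:01.0003","sample.exe","4120","RegQueryValue","HKCU\Control Panel\International\LocaleName","SUCCESS","Type: REG_SZ, Length: 12, Data: en-US"
"12:00:01.0004","explorer.exe","1184","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"12:00:01.0005","sample.exe","4120","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater","NAME NOT FOUND",""
"12:00:01.0006","sample.exe","4120","RegQueryValue","HKLM\SYSTEM\CurrentControlSet\Control\Nls\Language\InstallLanguage","SUCCESS","Type: REG_SZ, Length: 10, Data: 0409"
'''


def parse_events(text: str) -> list:
    """One dict per CSV row; DictReader handles the quoted fields."""
    return list(csv.DictReader(io.StringIO(text)))


def geo_lookups(events) -> dict:
    """Map (process, pid) -> list of {path, data, country} for every successful geo/locale read."""
    hits = defaultdict(list)
    for ev in events:
        if ev["Operation"] not in READ_OPERATIONS or ev["Result"] != "SUCCESS":
            continue
        path = ev["Path"]
        if not any(p.search(path) for p in GEO_VALUE_PATTERNS):
            continue
        m = DATA_RE.search(ev["Detail"])
        data = m.group(1).strip() if m else None
        hits[(ev["Process Name"], int(ev["PID"]))].append({
            "path": path,
            "data": data,
            # Only Geo\Nation holds a GEOID; LocaleName/InstallLanguage are other encodings.
            "country": GEOID_NAMES.get(data) if path.lower().endswith(r"\geo\nation") else None,
        })
    return dict(hits)


def flag_geofence(events, min_reads: int = 1) -> list:
    """(process, pid, read_count) for processes reading >= min_reads location values, most first."""
    lookups = geo_lookups(events)
    return sorted(
        [(proc, pid, len(reads)) for (proc, pid), reads in lookups.items() if len(reads) >= min_reads],
        key=lambda t: -t[2],
    )


if __name__ == "__main__":
    events = parse_events(SAMPLE_EVENTS)
    for proc, pid, n in flag_geofence(events):
        print(f"{proc} (PID {pid}) read {n} location/locale value(s)")
    for (proc, _pid), reads in geo_lookups(events).items():
        for r in reads:
            print(f"  {proc}: {r['path']} -> {r['data']} {r['country'] or ''}")
```

A location lookup by itself is not malicious (explorer.exe reads the same value in the constructed log), so the useful signal is the sample's own PID reading several of these values right after start, ideally followed by an early exit or a branch in behaviour. Location checks made through APIs such as GetUserGeoID or GetLocaleInfo usually end up reading these same registry values, so registry telemetry catches them too.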
