General

  • Target

    2024-06-03_ef93abd6111a357180bdf982363d66a1_cryptolocker

  • Size

    53KB

  • Sample

    240603-kqj5jaag33

  • MD5

    ef93abd6111a357180bdf982363d66a1

  • SHA1

    35fd35a86405acc66b9fb017562bd56a48b76367

  • SHA256

    44e700aa254e9f1847c4ddec755592a6e68b798e030e2d2291ccf124fc0720e9

  • SHA512

    4aa2685030c494cae4da10296b286ea6e3080d98ad9e7226b4644cc6ff437dd61a0e77b237c4c7925ff9120e3665c7cdbefd80d9a893025195c41c049b74b72e

  • SSDEEP

    768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOXQ:bODOw9acifAoc+vj

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-03_ef93abd6111a357180bdf982363d66a1_cryptolocker

    • Size

      53KB

    • MD5

      ef93abd6111a357180bdf982363d66a1

    • SHA1

      35fd35a86405acc66b9fb017562bd56a48b76367

    • SHA256

      44e700aa254e9f1847c4ddec755592a6e68b798e030e2d2291ccf124fc0720e9

    • SHA512

      4aa2685030c494cae4da10296b286ea6e3080d98ad9e7226b4644cc6ff437dd61a0e77b237c4c7925ff9120e3665c7cdbefd80d9a893025195c41c049b74b72e

    • SSDEEP

      768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOXQ:bODOw9acifAoc+vj

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence
      (run or abort depending on the victim machine's configured locale).

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.
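
As an added example, not code from this report or the sandbox that produced it: a Python triage helper for the two checks an analyst performs before unpacking a sample like this one. It verifies a local copy against the MD5/SHA1/SHA256 listed above (copied from the report) and inspects the PE section table for stock UPX section names, falling back to the `UPX!` packheader magic for a modified UPX that renamed its sections. Both UPX checks are heuristics, and `build_minimal_pe` is a constructed header-only fixture for exercising the parser, not a real executable.

```python
"""Triage helpers: hash verification against the report's indicators and a
UPX packing check over the PE section table. Added example, not the report's."""
import hashlib
import struct

# Indicators copied from the report above (MD5, SHA1, SHA256 of the sample).
REPORTED_HASHES = {
    "md5": "ef93abd6111a357180bdf982363d66a1",
    "sha1": "35fd35a86405acc66b9fb017562bd56a48b76367",
    "sha256": "44e700aa254e9f1847c4ddec755592a6e68b798e030e2d2291ccf124fc0720e9",
}


def hash_file_bytes(data: bytes) -> dict:
    """Compute the same digests the report lists so a local copy can be matched."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED_HASHES}


def matches_report(data: bytes) -> bool:
    """All-or-nothing: a partial match means a typo or a different file, not this sample."""
    return hash_file_bytes(data) == REPORTED_HASHES


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table and return the section names.
    Raises ValueError if the bytes are not a well-formed PE header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                       # COFF file header (20 bytes)
    number_of_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_optional_header = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_of_optional_header  # section headers, 40 bytes each
    names = []
    for i in range(number_of_sections):
        off = table + i * 40
        if off + 40 > len(data):
            raise ValueError("section table truncated")
        names.append(data[off:off + 8].rstrip(b"\0").decode("latin-1"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Heuristic behind most 'UPX packed file' signatures: stock UPX names its
    sections UPX0/UPX1 (plus UPX2 or .rsrc). A modified UPX may rename them but
    usually still writes the 'UPX!' packheader magic, so check for both."""
    try:
        names = pe_section_names(data)
    except ValueError:
        return False
    if any(n.startswith("UPX") for n in names):
        return True
    return b"UPX!" in data


def build_minimal_pe(section_names: list) -> bytes:
    """Constructed fixture: a header-only PE32 image with the given section names.
    Not runnable as a program; only enough structure for the parser above."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    optional = b"\0" * 0xE0                   # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0,
                       len(optional), 0x102)  # i386, N sections, EXE flags
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + optional + sections


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe(["UPX0", "UPX1"])
    print("matches report:", matches_report(blob))
    print("sections:", pe_section_names(blob))
    print("UPX packed:", looks_upx_packed(blob))
```

Run it with the sample path as the only argument; a hash match plus `UPX packed: True` is the expected combination for this report, after which the `UPX dump on OEP` behaviour above is what you would reproduce with a debugger or `upx -d`.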

MITRE ATT&CK Enterprise v15
