General

  • Target

    2024-06-06_ff93fb0e4c05db4bffdc2bd19f436b04_cryptolocker

  • Size

    40KB

  • Sample

    240606-y35hwsbe41

  • MD5

    ff93fb0e4c05db4bffdc2bd19f436b04

  • SHA1

    1dc0a382aac158321b484639399e758f378f9df2

  • SHA256

    d03218057c2d0750e92e3fe3e1a5af71fb5251f37ec49d32186c493b73b091a9

  • SHA512

    ec7a0aa19916816a10a920218833ed035d0760a0e5e5363984f55dcd17cea42d3dad581eabf384f5f5ed7acd565bad4a56ca121b252acfed134dbd83fd18384b

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBWJ:qDdFJy3QMOtEvwDpjjWMl7Tdu

Score
10/10
upx

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15
