General

  • Target

    2024-06-06_fbb8c4a1b54512154299bfced75a3d33_cryptolocker

  • Size

    39KB

  • Sample

    240606-y3m9lsbe4v

  • MD5

    fbb8c4a1b54512154299bfced75a3d33

  • SHA1

    1e6c6e902fd86cfb152481f38c1645cbbd662d75

  • SHA256

    2283008a3a777a55476ba0fc9f956826be73ca9cd40fedf52062577919097091

  • SHA512

    e03daab25bc3dd0acb4e3d182d7dd2d1d75db398bd5814870a742e5b6f97c7858f71097659f62591a2d76e34b4212e7841e3b08f483e2e725863564ce2a1698e

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaB0F:qDdFJy3QMOtEvwDpjjWMl7TdCF

Score
10/10
upx

Targets

    • Target

      2024-06-06_fbb8c4a1b54512154299bfced75a3d33_cryptolocker

    • Size

      39KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
