General

  • Target

    2024-06-07_1fe376ad2fe34aaec6adce44417d2003_cryptolocker

  • Size

    89KB

  • Sample

    240607-ssxseaad3s

  • MD5

    1fe376ad2fe34aaec6adce44417d2003

  • SHA1

    88f0e7c5b65a4afaa4234616160839db03696fec

  • SHA256

    fbc2170401ce0a217c8e3df1af4246eb535605e4260557c933cd9c45a6977478

  • SHA512

    9fd4a415bdce0d06f2c7e6132dd0c7112fe18bc4f2c80ec82d5e573afe64a890ec8f50f6884b9f64d2abd935192d6ce5cbf77db92670377b7983823ec1a8a5af

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgQ/:AnBdOOtEvwDpj6zU

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-07_1fe376ad2fe34aaec6adce44417d2003_cryptolocker

    • Size

      89KB

    • MD5

      1fe376ad2fe34aaec6adce44417d2003

    • SHA1

      88f0e7c5b65a4afaa4234616160839db03696fec

    • SHA256

      fbc2170401ce0a217c8e3df1af4246eb535605e4260557c933cd9c45a6977478

    • SHA512

      9fd4a415bdce0d06f2c7e6132dd0c7112fe18bc4f2c80ec82d5e573afe64a890ec8f50f6884b9f64d2abd935192d6ce5cbf77db92670377b7983823ec1a8a5af

    • SSDEEP

      1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgQ/:AnBdOOtEvwDpj6zU

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks