General

  • Target

    2024-06-07_14200b1e1f17abe5c85ac1cae3d31768_cryptolocker

  • Size

    81KB

  • Sample

    240607-t1w2hsca94

  • MD5

    14200b1e1f17abe5c85ac1cae3d31768

  • SHA1

    968016803046e0c007b1a2e60418ff5a72ee73c9

  • SHA256

    bf3fe4a3db6ac1b4a633bdbc7929b8cc56359ababd98dba3446c2167a7e56864

  • SHA512

    8ac69483bb61b5739798bcc00556e21205d9aad27d10dbb5fcaf73d8289bee3b272462d45087b04762630a0562dad8af2c17028f31f4279577d0a25b9e114ced

  • SSDEEP

    1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdI:T6a+rdOOtEvwDpjNta

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-07_14200b1e1f17abe5c85ac1cae3d31768_cryptolocker

    • Size

      81KB

    • MD5

      14200b1e1f17abe5c85ac1cae3d31768

    • SHA1

      968016803046e0c007b1a2e60418ff5a72ee73c9

    • SHA256

      bf3fe4a3db6ac1b4a633bdbc7929b8cc56359ababd98dba3446c2167a7e56864

    • SHA512

      8ac69483bb61b5739798bcc00556e21205d9aad27d10dbb5fcaf73d8289bee3b272462d45087b04762630a0562dad8af2c17028f31f4279577d0a25b9e114ced

    • SSDEEP

      1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdI:T6a+rdOOtEvwDpjNta

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks