General

  • Target

    2024-06-07_6977f848b4b64a47b11fd0bf7a4aeebc_cryptolocker

  • Size

    41KB

  • Sample

    240607-wkla7acf87

  • MD5

    6977f848b4b64a47b11fd0bf7a4aeebc

  • SHA1

    d60cd9e2bd6c063c26b7536e04d0b83d80779007

  • SHA256

    6bb453ed9cc0f0316852fbfdca2d27377a81108332f2a30ab02d8ee554b2eb87

  • SHA512

    a9e6f33703078b4558d236776579c79f972e21984895645ed13fde93897be56ae683f55452180eddcbd465fb8976115cd924673c9ffbb90d26b33198f99cbadc

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBc4S0:qDdFJy3QMOtEvwDpjjWMl7Tds0

Score
10/10
upx

Targets

    • Target

      2024-06-07_6977f848b4b64a47b11fd0bf7a4aeebc_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
