General

  • Target

    2024-06-10_2a994b9738c26332ff200e406517aaa0_cryptolocker

  • Size

    33KB

  • Sample

    240610-1a43rs1ckg

  • MD5

    2a994b9738c26332ff200e406517aaa0

  • SHA1

    2b4f3d36eb2f83a8e9a4dd415a40098adbce47fc

  • SHA256

    ebc6a4320649bc3b3e4f4b42a009e1c4c8449ac2a75128121c8627b062884ad3

  • SHA512

    b904924ef3474593e779cd567d24b492fbfcec0e9ebd26d6c0e490406a88980bf0d581b470f1cba962705c61060a521affa53e2ed38c3251cfe8a573d0be95d5

  • SSDEEP

    768:q46yu4M3Eu2smnbcuyD7U9dtOOtEvwDpjeMLa5vONrM:q4ZbMb2pnouy8TMOtEvwDpjjaKI

Score
10/10
upx

Targets

    • Target

      2024-06-10_2a994b9738c26332ff200e406517aaa0_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
