General

  • Target

    2024-06-10_fa380a76cceb9950a6d99b32c43a8ef0_cryptolocker

  • Size

    54KB

  • Sample

    240610-1l62hasdll

  • MD5

    fa380a76cceb9950a6d99b32c43a8ef0

  • SHA1

    c4f042e606704e4adfae54ab0e5dd59c59613a94

  • SHA256

    79b5755194e74f9ab5d0ced5faf07fe921f565ebcb8723c7557568e176772b0d

  • SHA512

    ff6108a9d9738c2c6ff50fb0cdecf569acd984543b735af451acccf8b9128ce4f0ffac1dbfa9391821a234b6b1fd2d2670af716118582b0fc204b5ff2475f4ac

  • SSDEEP

    768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOXS:bODOw9acifAoc+v9

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-10_fa380a76cceb9950a6d99b32c43a8ef0_cryptolocker

    • Size

      54KB

    • MD5

      fa380a76cceb9950a6d99b32c43a8ef0

    • SHA1

      c4f042e606704e4adfae54ab0e5dd59c59613a94

    • SHA256

      79b5755194e74f9ab5d0ced5faf07fe921f565ebcb8723c7557568e176772b0d

    • SHA512

      ff6108a9d9738c2c6ff50fb0cdecf569acd984543b735af451acccf8b9128ce4f0ffac1dbfa9391821a234b6b1fd2d2670af716118582b0fc204b5ff2475f4ac

    • SSDEEP

      768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOXS:bODOw9acifAoc+v9

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks