General

  • Target

    2024-06-10_f23d3106fdd4e6193c79d4b333731016_cryptolocker

  • Size

    91KB

  • Sample

    240610-1lbwcs1gpe

  • MD5

    f23d3106fdd4e6193c79d4b333731016

  • SHA1

    c4ab05f9b832711597a0cc54c91f851705372ee1

  • SHA256

    8b457ca6057494896c71260c426a73e4413867c0d63c11cb68d38b2da649698a

  • SHA512

    0b0fe4457dd922ef3ce199e334856b7bba84f7326bf98ff07b550061c3bd86a9408dcd12c82607ae5a5e8b6c03ff3ff6dc0f21dcf744a8af3924032842220ef1

  • SSDEEP

    1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAyuF8:n6a+1SEOtEvwDpjYYvQd2PW

Score
10/10
upx

Malware Config

Targets

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks