General

  • Target

    2024-06-10_0a908d448371ae10705026f986b96396_cryptolocker

  • Size

    24KB

  • Sample

    240610-g6dqxadh23

  • MD5

    0a908d448371ae10705026f986b96396

  • SHA1

    25d1ba9649831d0a743e90493fc9f4625e2c1af8

  • SHA256

    4ae16d62cac1ba4f1ef14adcf1a19c6a9c4e5b20a2bbbb1a74c79dbf6808baed

  • SHA512

    e96c18d91c62ce66cb22f101a9a10616a68a2eb892b926b70ba8cb3bb818b5c8452ec85039bb9d3aa6501d37f03939ee4462d44705fa0758f248b790d2205a5d

  • SSDEEP

    384:bVCPwFRuFn65arz1ZhdaXFXSCVQTLfjDp6HMmHbX:bVCPwFRo6CpwXFXSqQXfjAsmHz

Score
10/10
upx

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
