General

  • Target

    2024-06-10_c8961f4e777079592f370ea9250a4485_cryptolocker

  • Size

    89KB

  • Sample

    240610-gyj8qada5t

  • MD5

    c8961f4e777079592f370ea9250a4485

  • SHA1

    543d87f262860e25cc0e7ec6099b33c105a748f2

  • SHA256

    f1fb803e6215ead39235fae1ceba40cae2627e35342d710a66e900cebb637666

  • SHA512

    963b30071d0b7f5cbd3c12acfbaf20e0f6cba61eb3d387779952f0ff171fd20421523ed369b1b90551a6386f9d8b357022ee8d4b64276ce9a4be10ba952ca941

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgQP:AnBdOOtEvwDpj6zk

Score
10/10

Tags
upx

Malware Config

Targets

    • Target

      2024-06-10_c8961f4e777079592f370ea9250a4485_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check to avoid running in certain countries.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build (section names or packer header altered).
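The "UPX packed file" and "UPX dump on OEP" signatures above depend on recognising the layout UPX leaves in a PE: the default UPX0/UPX1 section names, the "UPX!" magic in the packer's own header after the section table, and an empty first section backed by a high-entropy compressed payload. The script below is an added example and is not the sandbox's signature code. It parses the PE section table directly, applies those three heuristics, and distinguishes stock UPX from a modified build with the names and magic scrubbed. The PE builder, the three sample images and the 7.0 bits/byte entropy threshold are constructed for this demonstration.

```python
"""Heuristic UPX-packing check for a PE file (added example, not the
sandbox's own signature).  PE parsing follows the documented PE/COFF
layout; the UPX indicators are well-known heuristics and the entropy
threshold is an assumption chosen for this demo."""
import hashlib
import math
import struct

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b".UPX0", b".UPX1"}
ENTROPY_THRESHOLD = 7.0  # assumption: compressed payloads sit near 8 bits/byte


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte; 8.0 is the maximum (compressed or encrypted data)."""
    if not buf:
        return 0.0
    n = len(buf)
    counts = [buf.count(bytes([v])) for v in range(256)]
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes) -> list:
    """Return [(name, virtual_size, raw_ptr, raw_size)] from the section table."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + opt_size  # section headers follow the optional header
    out = []
    for i in range(num_sections):
        off = table + i * 40
        name = pe[off:off + 8].rstrip(b"\0")
        vsize, _va, raw_size, raw_ptr = struct.unpack_from("<IIII", pe, off + 8)
        out.append((name, vsize, raw_ptr, raw_size))
    return out


def detect_upx(pe: bytes) -> dict:
    """'upx' (names or magic present), 'packed-unknown' (UPX-like layout with
    names and magic scrubbed, e.g. a modified UPX) or 'none'."""
    sections = parse_sections(pe)
    upx_names = [s[0].decode("ascii", "replace") for s in sections
                 if s[0] in UPX_SECTION_NAMES]
    # UPX's packer header, starting with "UPX!", sits between the section
    # table and the first section's raw data; scan only that region.
    first_raw = min((p for _, _, p, _ in sections if p), default=len(pe))
    magic = b"UPX!" in pe[:first_raw]
    entropies = [shannon_entropy(pe[s[2]:s[2] + s[3]]) for s in sections if s[3]]
    max_entropy = max(entropies, default=0.0)
    # Stub-packer layout: first section has no file-backed bytes (it is the
    # unpacking target) while the payload section is incompressible.
    hollow_first = bool(sections) and sections[0][3] == 0 and sections[0][1] > 0
    if upx_names or magic:
        verdict = "upx"
    elif hollow_first and max_entropy >= ENTROPY_THRESHOLD:
        verdict = "packed-unknown"
    else:
        verdict = "none"
    return {"verdict": verdict, "upx_sections": upx_names, "magic": magic,
            "max_entropy": round(max_entropy, 2)}


def pseudo_random(n: int, seed: bytes) -> bytes:
    """Deterministic high-entropy filler standing in for compressed code."""
    out, block = bytearray(), seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out += block
    return bytes(out[:n])


def build_pe(sections: list, upx_magic: bool = False) -> bytes:
    """Constructed test input: minimal PE32 headers plus the given
    [(name, virtual_size, raw_bytes)] sections.  Not a runnable executable."""
    opt_size, num = 224, len(sections)
    trailer = b"UPX!" + bytes(28) if upx_magic else b""
    hdr_len = 0x80 + 4 + 20 + opt_size + 40 * num + len(trailer)
    hdr_len = (hdr_len + 0x1FF) & ~0x1FF  # file alignment 0x200
    dos = bytearray(0x80)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, num, 0, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    table, body, raw_ptr, va = bytearray(), bytearray(), hdr_len, 0x1000
    for name, vsize, raw in sections:
        table += name.ljust(8, b"\0")
        table += struct.pack("<IIII", vsize, va, len(raw), raw_ptr if raw else 0)
        table += bytes(16)  # reloc/linenumber/characteristics fields unused here
        body += raw
        raw_ptr += len(raw)
        va += max(vsize, 0x1000)
    header = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + bytes(table) + trailer
    return header.ljust(hdr_len, b"\0") + bytes(body)


# Constructed samples: stock UPX layout, a modified UPX with names and magic
# scrubbed, and an unpacked binary with ordinary code-like byte distribution.
PACKED = build_pe([(b"UPX0", 0x8000, b""),
                   (b"UPX1", 0x1000, pseudo_random(4096, b"packed")),
                   (b".rsrc", 0x200, bytes(256))], upx_magic=True)
MODIFIED = build_pe([(b".text", 0x8000, b""),
                     (b".data", 0x1000, pseudo_random(4096, b"modified"))])
CLEAN = build_pe([(b".text", 0x1000, bytes(range(16)) * 256),
                  (b".data", 0x200, bytes(512))])
```

Run `detect_upx(open(path, "rb").read())` against a real sample to triage it; the `packed-unknown` verdict is the case that matters for modified UPX builds, which is why the sandbox signature is phrased as "UPX/modified UPX". The section-name and magic checks are cheap but trivially evaded, so the entropy-plus-hollow-section heuristic is the one to keep in a detection pipeline, and the dump on OEP is still needed to recover the unpacked code.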

MITRE ATT&CK Enterprise v15

Tasks