General

  • Target

    2024-06-10_4ab2435763fc457f174828b9c20ced6c_cryptolocker

  • Size

    64KB

  • Sample

    240610-hm96fade2x

  • MD5

    4ab2435763fc457f174828b9c20ced6c

  • SHA1

    6cf95926b57f3b095dd4f47dc5ede98dc99948da

  • SHA256

    fa9423309f075f714fec5321966720ce2ace73304ddb5feb100eaa61fce01040

  • SHA512

    d74f3006078e4a34c36b6f67166c38ed3c6b8f81240e758bf786c878242bcdf83eed5d55ee8e2cacedc1c2fe62b5fc4f2e0f475533d4a4a2ba47f88540ab2bc7

  • SSDEEP

    1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsi1:BbdDmjr+OtEvwDpjM8c

Score
10/10

Malware Config

Targets

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks