General

  • Target

    2024-06-10_01a3fac4940fd42c658fa5b967a2abf6_cryptolocker

  • Size

    40KB

  • Sample

    240610-z85lhs1bnd

  • MD5

    01a3fac4940fd42c658fa5b967a2abf6

  • SHA1

    b23ccb1d0f4080106bb8c067a64eed02742c996b

  • SHA256

    ab15792affbf76b3dd0d23c9b36fc8a442101db56ae69a6e988409475404eac2

  • SHA512

    b26240a699500d807e7419e4ed291a84a1e2b44d4e163249426b9fe784296fcca6e495ac483d533ab127173b5cd914bacd53bf7c4c327a0f0551942311fd284b

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9SC:qDdFJy3QMOtEvwDpjjWMl7TZC

  • Score

    10/10

  • Tag

    upx

Targets

    • Target

      2024-06-10_01a3fac4940fd42c658fa5b967a2abf6_cryptolocker


    • Score

      9/10

    • Signatures

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
