General

  • Target

    2024-06-11_a9fcb43baf8fae663fc8602b7e73fcf4_cryptolocker

  • Size

    70KB

  • Sample

    240611-a1aczaxfmm

  • MD5

    a9fcb43baf8fae663fc8602b7e73fcf4

  • SHA1

    8f1c22a7fa3b1bfa97c53e752aa6f141e6b0c8ef

  • SHA256

    b7c6b23c2aa786cf1cbb7a763ca68a3683c5faddb5532e9c3e16d3c3a9346618

  • SHA512

    debadd19f643311c33b4cdea98244ed3d0066062a58462f9b3c4860141597a53ed730123913bb42e6d01429710c0c44a12202c392ccb33e5536eb08bd5a8773e

  • SSDEEP

    768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1PL:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAL

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-11_a9fcb43baf8fae663fc8602b7e73fcf4_cryptolocker

    • Size

      70KB

    • MD5

      a9fcb43baf8fae663fc8602b7e73fcf4

    • SHA1

      8f1c22a7fa3b1bfa97c53e752aa6f141e6b0c8ef

    • SHA256

      b7c6b23c2aa786cf1cbb7a763ca68a3683c5faddb5532e9c3e16d3c3a9346618

    • SHA512

      debadd19f643311c33b4cdea98244ed3d0066062a58462f9b3c4860141597a53ed730123913bb42e6d01429710c0c44a12202c392ccb33e5536eb08bd5a8773e

    • SSDEEP

      768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1PL:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAL

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks