General

  • Target

    2024-06-11_e420cf19f333593700820b79d23b8e76_cryptolocker

  • Size

    70KB

  • Sample

    240611-a4twsaxcqb

  • MD5

    e420cf19f333593700820b79d23b8e76

  • SHA1

    4a151065701d576d556e0e86bb3e11c06b005c40

  • SHA256

    d9e3d5a18ee943a4dab28f77bcfd7ce0053e4bafde0eee0745702751f015a15e

  • SHA512

    f53c3be4ede083c50d8961c5265f6ca6e1d78b632e0b6740df637d32aac8fd5ea9724ce936250b0963f0e4d2a69705cb871264a7b7e02c3858489b3e48044ef4

  • SSDEEP

    768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1Pe:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAe

Score: 10/10
Tags: upx

Targets

    • Target

      2024-06-11_e420cf19f333593700820b79d23b8e76_cryptolocker

    • Size

      70KB

    • MD5

      e420cf19f333593700820b79d23b8e76

    • SHA1

      4a151065701d576d556e0e86bb3e11c06b005c40

    • SHA256

      d9e3d5a18ee943a4dab28f77bcfd7ce0053e4bafde0eee0745702751f015a15e

    • SHA512

      f53c3be4ede083c50d8961c5265f6ca6e1d78b632e0b6740df637d32aac8fd5ea9724ce936250b0963f0e4d2a69705cb871264a7b7e02c3858489b3e48044ef4

    • SSDEEP

      768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1Pe:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAe

    Score: 9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15