General

  • Target

    2024-06-11_0fc0471ec66c3227f04d670050b6ac6e_cryptolocker

  • Size

    70KB

  • Sample

    240611-bgaeasydmj

  • MD5

    0fc0471ec66c3227f04d670050b6ac6e

  • SHA1

    dd7f60e47aa081d1da5d0acebfc6ba1e9a833118

  • SHA256

    b9bb395500b1f57c3027578bb82c3c1c4694da9cc16ccfc6bcad234e1bd5fbce

  • SHA512

    09023146ac920b91f46c80515409e80e6ecaef084e9216ddb298ef60badfab6d7e0c675cd1bf5744e167bf4c1cf6f10fd18b6f6bbf322a21c645de7fde7dc8cc

  • SSDEEP

    768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1Pu:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAu

Score: 10/10
upx

Malware Config

Targets

    Score: 9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.
