General

  • Target

    2024-06-11_f70378e0cc1359fe1feaadc6df5c0a8f_cryptolocker

  • Size

    40KB

  • Sample

    240611-btq8ksydqa

  • MD5

    f70378e0cc1359fe1feaadc6df5c0a8f

  • SHA1

    93c05ba709ced15b19e5f323e1033a4303dd916c

  • SHA256

    c07b9815d241658c5388fb44aafac7d2a69bb46c57e8bd09faec098e1f96af3c

  • SHA512

    dae6edd6abe73ce77e25379ce8b7fa85d2fa60e79459ce532a4da22223501ae83d4d12b953ad27fe766ad7b86d2ff7f82e4be27c935767f7a51501f4f502a1ee

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9FF:qDdFJy3QMOtEvwDpjjWMl7T4

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-11_f70378e0cc1359fe1feaadc6df5c0a8f_cryptolocker

    • Size

      40KB

    • MD5

      f70378e0cc1359fe1feaadc6df5c0a8f

    • SHA1

      93c05ba709ced15b19e5f323e1033a4303dd916c

    • SHA256

      c07b9815d241658c5388fb44aafac7d2a69bb46c57e8bd09faec098e1f96af3c

    • SHA512

      dae6edd6abe73ce77e25379ce8b7fa85d2fa60e79459ce532a4da22223501ae83d4d12b953ad27fe766ad7b86d2ff7f82e4be27c935767f7a51501f4f502a1ee

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9FF:qDdFJy3QMOtEvwDpjjWMl7T4

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks