General

  • Target

    2024-06-11_5ef943aa61437fea009d7938a2c3dd27_cryptolocker

  • Size

    71KB

  • Sample

    240611-f7keeawhrm

  • MD5

    5ef943aa61437fea009d7938a2c3dd27

  • SHA1

    38237ed7b23472f71cc1c21a0c543ab8177956f2

  • SHA256

    51b1f973b919e953a29c1cc094fa95958bdf726eb2412c9eeb6475b1938bb8f6

  • SHA512

    0414ea89398a933dd45bd203422828e0984bb99f3aad92294494e14226234444fa142cff0ee2272b06fe4d93b69285203a4153694a7ce9e23a1a873c60c1f865

  • SSDEEP

    1536:quJu9cvMOtEvwDpjWYTjipvF2bx1PQALk:78SEOtEvwDpjWYvQd2Po

Score
10/10
upx

Targets

    • Target

      2024-06-11_5ef943aa61437fea009d7938a2c3dd27_cryptolocker


    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.
