General

  • Target

    2024-06-12_b9c9bf94886990023da10cbfba29c9f6_cryptolocker

  • Size

    81KB

  • Sample

    240612-xjyqkazcnq

  • MD5

    b9c9bf94886990023da10cbfba29c9f6

  • SHA1

    a152d1fbbdcf9285b1f3c60f5ab31decf8010f22

  • SHA256

    79f487ce6d5b40f87ebd2e1c2af64f80eef73b916060eceb78c0f7a1a7a5a49c

  • SHA512

    bf0a62394183fefbfa6398271f88d9dc574bfa5aefe431cbff502f1da4a639acf8fd45cd0927754871d45023db034bb0b4fa1c5d70fee38589be7b7b3598dd01

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7QX/:zCsanOtEvwDpjr

Score
10/10
upx

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
