General

  • Target

    2024-06-12_dd240022a4c225155ac9e67002386551_cryptolocker

  • Size

    40KB

  • Sample

    240612-xkdrsazcql

  • MD5

    dd240022a4c225155ac9e67002386551

  • SHA1

    1adc7e892b94856de9d3409fb40d75d03f440b8a

  • SHA256

    483cfb5893e384c4c3efb329627df9cccb9385aee08eb91218c223c07f2d01b1

  • SHA512

    e200711dd05e1cbe6c59c5b0e0af97926c62360a02ab3599f522935fca85fba5bef3e589edb35c7c15b8b85eaa38324f7a234b2aedb15b7f4045473808bdb0ae

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9L:qDdFJy3QMOtEvwDpjjWMl7T0

Score
10/10
upx

Targets

    • Target

      2024-06-12_dd240022a4c225155ac9e67002386551_cryptolocker

    • Size

      40KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check (the sample can decide whether to run based on the configured locale).

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX, or with a modified build of the open-source UPX packer.
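The UPX signature above is a static check on the file as it sits on disk, while the "UPX dump on OEP" entry is the sandbox capturing the unpacked image once the stub has jumped to the original entry point. The following is an added example, not part of this report and not Triage's own rule logic: it parses the PE section table and looks for the two static UPX indicators (UPX0/UPX1 section names and the "UPX!" packheader magic), plus a generic packer heuristic (first section has no raw data, because UPX0 is the virtual destination the stub decompresses into). The three PE images are constructed in-line as fixtures; they are not the sample from this report, and the "modified UPX" fixture assumes a build that renamed its sections but left the magic in place.

```python
import struct

PE32_MAGIC = 0x10B
OPT_HEADER_SIZE = 0xE0  # size of a PE32 optional header


def build_pe(sections, trailer=b""):
    """Build a minimal, non-executable PE image as a test fixture (constructed, not a real sample).

    sections: list of (name, size_of_raw_data) tuples.
    """
    e_lfanew = 0x40
    dos_header = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff_header = struct.pack("<HHIIIHH",
                              0x14C,            # Machine: i386
                              len(sections),    # NumberOfSections
                              0, 0, 0,          # timestamp, symbol table pointer, symbol count
                              OPT_HEADER_SIZE,  # SizeOfOptionalHeader
                              0x0102)           # Characteristics: EXECUTABLE_IMAGE | 32BIT_MACHINE
    optional_header = struct.pack("<H", PE32_MAGIC) + b"\x00" * (OPT_HEADER_SIZE - 2)
    section_table = b"".join(
        struct.pack("<8sIIIIIIHHI",
                    name.encode("ascii"),      # Name, null-padded to 8 bytes by struct
                    0x1000,                    # VirtualSize
                    0x1000 * (i + 1),          # VirtualAddress
                    raw_size,                  # SizeOfRawData
                    0x400 if raw_size else 0,  # PointerToRawData (0 when virtual-only)
                    0, 0, 0, 0,                # relocations / line numbers: none
                    0xE0000020)                # CODE | EXECUTE | READ | WRITE
        for i, (name, raw_size) in enumerate(sections))
    return dos_header + b"PE\x00\x00" + coff_header + optional_header + section_table + trailer


def parse_sections(data):
    """Return [(section_name, size_of_raw_data), ...] from a PE image, with bounds checks."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)   # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)      # SizeOfOptionalHeader
    table = coff + 20 + opt_size                                  # first IMAGE_SECTION_HEADER
    if table + 40 * num_sections > len(data):
        raise ValueError("truncated section table")
    sections = []
    for i in range(num_sections):
        name, _vsize, _va, raw_size = struct.unpack_from("<8sIII", data, table + 40 * i)
        sections.append((name.rstrip(b"\x00").decode("latin-1"), raw_size))
    return sections


def upx_indicators(data):
    """List the static UPX / packer indicators present in a PE image."""
    sections = parse_sections(data)
    found = []
    # Stock UPX names its sections UPX0 (virtual destination), UPX1 (compressed data), .rsrc.
    if any(name.upper().startswith("UPX") for name, _ in sections):
        found.append("upx_section_names")
    # The UPX packheader starts with the magic "UPX!"; renamed-section builds often keep it.
    if b"UPX!" in data:
        found.append("upx_magic")
    # Generic packer heuristic: the first section has no raw data because it is filled at runtime.
    if sections and sections[0][1] == 0:
        found.append("first_section_virtual_only")
    return found


def is_upx_packed(data):
    """Flag as UPX only on a UPX-specific indicator; the virtual-only heuristic alone is not enough."""
    found = upx_indicators(data)
    return "upx_section_names" in found or "upx_magic" in found


# Constructed fixtures (not the sample in this report).
SAMPLE_STOCK_UPX = build_pe([("UPX0", 0), ("UPX1", 0x200), (".rsrc", 0x200)],
                            trailer=b"UPX!" + b"\x00" * 28)
SAMPLE_MODIFIED_UPX = build_pe([(".text", 0), (".data", 0x200), (".rsrc", 0x200)],
                               trailer=b"UPX!" + b"\x00" * 28)   # assumed: sections renamed, magic kept
SAMPLE_UNPACKED = build_pe([(".text", 0x200), (".data", 0x200), (".rsrc", 0x200)])

if __name__ == "__main__":
    for label, image in (("stock UPX", SAMPLE_STOCK_UPX),
                         ("modified UPX", SAMPLE_MODIFIED_UPX),
                         ("unpacked", SAMPLE_UNPACKED)):
        print(f"{label:13s} sections={[n for n, _ in parse_sections(image)]} "
              f"indicators={upx_indicators(image)} upx={is_upx_packed(image)}")
```

To triage a real file, read it as bytes and pass it to upx_indicators(); a positive result tells you the on-disk hashes above describe the packed container, so signature matching and string analysis should be done on the OEP dump rather than the original file.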

MITRE ATT&CK Enterprise v15
