General

  • Target

    2024-06-12_a6d5c2df9a8bc8994e408c009591db9d_cryptolocker

  • Size

    60KB

  • Sample

    240612-ygv3bsxfla

  • MD5

    a6d5c2df9a8bc8994e408c009591db9d

  • SHA1

    61d0720aef5ef5452240e5e799784d3f1e1dd2b7

  • SHA256

    837ec02c147a8b241439200d2248399db1587c675bd1f579491bc82967f55415

  • SHA512

    f4522c97c8a072cc90d3c8d803b904ccb51fc4b95a901aec4056ce47ccb1cc39de9ebe39f85cdbb66736931f541fdf6983db4cc3893f60f5de56d4af869bdbaa

  • SSDEEP

    768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAP6p4:H6QFElP6n+gou9cvMOtEvwDpjCpVXy

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-12_a6d5c2df9a8bc8994e408c009591db9d_cryptolocker

    • Size

      60KB

    • MD5

      a6d5c2df9a8bc8994e408c009591db9d

    • SHA1

      61d0720aef5ef5452240e5e799784d3f1e1dd2b7

    • SHA256

      837ec02c147a8b241439200d2248399db1587c675bd1f579491bc82967f55415

    • SHA512

      f4522c97c8a072cc90d3c8d803b904ccb51fc4b95a901aec4056ce47ccb1cc39de9ebe39f85cdbb66736931f541fdf6983db4cc3893f60f5de56d4af869bdbaa

    • SSDEEP

      768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAP6p4:H6QFElP6n+gou9cvMOtEvwDpjCpVXy

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15