General

  • Target

    2024-06-13_f00639a9900625f01b09137091e4991a_cryptolocker

  • Size

    91KB

  • Sample

    240613-b6qgtatcql

  • MD5

    f00639a9900625f01b09137091e4991a

  • SHA1

    43ee6fc9827088b61c924b9bf65a9190f884c766

  • SHA256

    7f08cbc4a0a92f1e5842eabe0f3f052256bf39a8f22ec7b4b41c4721e9325fe5

  • SHA512

    f64bd38ebd09d673d176b606efe72079b6603162d0219bb2f8a763f81fe235570af424f13017c08fdc5990ba574ab4f7a1974d4bf1944eaea017624059d64eff

  • SSDEEP

    1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/ya:n6a+1SEOtEvwDpjYYvQd2P6

Score
10/10
upx

Malware Config

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks