General

  • Target

    2024-06-13_3b4a36c9e8cce4306d89c6c90d387c75_cryptolocker

  • Size

    96KB

  • Sample

    240613-d2bh7swerp

  • MD5

    3b4a36c9e8cce4306d89c6c90d387c75

  • SHA1

    2b8da7798f2f57193b3e0f7aee127ed0540ae2bc

  • SHA256

    7d2ca254209a5d5570b2cf77f34c52da91e90781dc197efc2812cebb71bae021

  • SHA512

    b646437639e7e7fd7245b4435062329c361bc038892fc54ef150f19a8b5f50cb829205225aff36097be5c934c4a906657cf2bfef6db66976da2783553abe2337

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp0+YL:AnBdOOtEvwDpj6zd

Score
10/10
upx

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
