General

  • Target

    2024-06-13_1a7e78394b1343faccc2c00c0958e151_cryptolocker

  • Size

    40KB

  • Sample

    240613-dzpytawelq

  • MD5

    1a7e78394b1343faccc2c00c0958e151

  • SHA1

    8ad307764c17c4fb6f12d83f1c2fd7175a400ed4

  • SHA256

    522e30cf56e2ddaa4c3fb1ebbd99996fe0df7756a6fa7bcbff3b01821b9d1afd

  • SHA512

    071a33c6b4eb68921a6395e5d0edcf3f3cd5a17f8a9187af4468b438f725f1e6e8ad561f0e3e5b54a1f139002f1767bce843cc15c5a9e8ca2744921e6fea5b9d

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYabDb2C:qDdFJy3QMOtEvwDpjjWMl7Td/

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-13_1a7e78394b1343faccc2c00c0958e151_cryptolocker

    • Size

      40KB

    • MD5

      1a7e78394b1343faccc2c00c0958e151

    • SHA1

      8ad307764c17c4fb6f12d83f1c2fd7175a400ed4

    • SHA256

      522e30cf56e2ddaa4c3fb1ebbd99996fe0df7756a6fa7bcbff3b01821b9d1afd

    • SHA512

      071a33c6b4eb68921a6395e5d0edcf3f3cd5a17f8a9187af4468b438f725f1e6e8ad561f0e3e5b54a1f139002f1767bce843cc15c5a9e8ca2744921e6fea5b9d

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYabDb2C:qDdFJy3QMOtEvwDpjjWMl7Td/

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks