General

  • Target

    2024-06-13_c978b0f40e49aeed30e93ec78c769fb7_cryptolocker

  • Size

    40KB

  • Sample

    240613-edv4daxapn

  • MD5

    c978b0f40e49aeed30e93ec78c769fb7

  • SHA1

    bd04e690b1254284a5b37d05ca5f6d110bb8d26e

  • SHA256

    b335c2a40e33f28f6155743c330b5fd322b6516d41764f504ef2e9398e425a2b

  • SHA512

    a2b252b85fd3e3de1dceb6591bd53bfcf64193246125363e65ea901d3d03e51dc9406bb461ff1c142137533fcc96468fd577abf52d9bf9dd494677dd1b9b3444

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYabDbg:qDdFJy3QMOtEvwDpjjWMl7TdM

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-13_c978b0f40e49aeed30e93ec78c769fb7_cryptolocker

    • Size

      40KB

    • MD5

      c978b0f40e49aeed30e93ec78c769fb7

    • SHA1

      bd04e690b1254284a5b37d05ca5f6d110bb8d26e

    • SHA256

      b335c2a40e33f28f6155743c330b5fd322b6516d41764f504ef2e9398e425a2b

    • SHA512

      a2b252b85fd3e3de1dceb6591bd53bfcf64193246125363e65ea901d3d03e51dc9406bb461ff1c142137533fcc96468fd577abf52d9bf9dd494677dd1b9b3444

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYabDbg:qDdFJy3QMOtEvwDpjjWMl7TdM

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks