General

  • Target

    2024-06-13_d38fb82b8d09bb2ba381b0444f53fc3f_cryptolocker

  • Size

    60KB

  • Sample

    240613-eejrqsxarp

  • MD5

    d38fb82b8d09bb2ba381b0444f53fc3f

  • SHA1

    62db403aa9e7fae2589685b874e77fce92669d9b

  • SHA256

    b4ac22c0f747068ec35ceaabba3edfb7b8a7fdc1996787003b925ec6ae6dcce2

  • SHA512

    a1ac26029137664f34ba038e627040b0d9f3fe0f7c2e1e3afc33e73dd2dc8ef9df31c4a94ad4f5ac9949862a4276261bb8d5943c77f5300c761cf788518626f3

  • SSDEEP

    768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAP6plz:H6QFElP6n+gou9cvMOtEvwDpjCpVXrz

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-13_d38fb82b8d09bb2ba381b0444f53fc3f_cryptolocker

    • Size

      60KB

    • MD5

      d38fb82b8d09bb2ba381b0444f53fc3f

    • SHA1

      62db403aa9e7fae2589685b874e77fce92669d9b

    • SHA256

      b4ac22c0f747068ec35ceaabba3edfb7b8a7fdc1996787003b925ec6ae6dcce2

    • SHA512

      a1ac26029137664f34ba038e627040b0d9f3fe0f7c2e1e3afc33e73dd2dc8ef9df31c4a94ad4f5ac9949862a4276261bb8d5943c77f5300c761cf788518626f3

    • SSDEEP

      768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAP6plz:H6QFElP6n+gou9cvMOtEvwDpjCpVXrz

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks