General

  • Target

    2024-06-13_d59437812874677ed8ee1cd93ba381e5_cryptolocker

  • Size

    81KB

  • Sample

    240613-eesdwaxbjk

  • MD5

    d59437812874677ed8ee1cd93ba381e5

  • SHA1

    24253c8e56968f82a9424886dfad62ddac9af2b1

  • SHA256

    7287a18940e31aa44272fa80b61a79c81c538a4c903fcfc93907ca3e6ee2f481

  • SHA512

    f421358080b4d4fcdb7d05f8a715882199753b7929359855fb0a77899a3cf3a865c38cf4c8869266db9484e16c969643398d74224aecaa60374bed17c3c7107a

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7Qia:zCsanOtEvwDpjt

Score
10/10
upx

Targets

    • Target

      2024-06-13_d59437812874677ed8ee1cd93ba381e5_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
