General

  • Target

    2024-06-13_cfa038a9c0d6d7060e809b99bd30f778_cryptolocker

  • Size

    40KB

  • Sample

    240613-ld3lsasfrc

  • MD5

    cfa038a9c0d6d7060e809b99bd30f778

  • SHA1

    5661c87a39e92e5e147d1a8cfa876fc825aafd66

  • SHA256

    fd3022968d1abef2fceb469732ccf395727a86443569228ff45edb82b1843e0b

  • SHA512

    f5829ce04121c3584f32de6e8f972fcf8ff49b86544de6fbd2690570e0a00e63f81a479374036b4be366aa4aff816be0183a4bfed8277115456657a85ad131bb

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9X4:qDdFJy3QMOtEvwDpjjWMl7T3

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-13_cfa038a9c0d6d7060e809b99bd30f778_cryptolocker

    • Size

      40KB

    • MD5

      cfa038a9c0d6d7060e809b99bd30f778

    • SHA1

      5661c87a39e92e5e147d1a8cfa876fc825aafd66

    • SHA256

      fd3022968d1abef2fceb469732ccf395727a86443569228ff45edb82b1843e0b

    • SHA512

      f5829ce04121c3584f32de6e8f972fcf8ff49b86544de6fbd2690570e0a00e63f81a479374036b4be366aa4aff816be0183a4bfed8277115456657a85ad131bb

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9X4:qDdFJy3QMOtEvwDpjjWMl7T3

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks