General

  • Target

    2024-01-25_5203181bf9b9512d2286915018182d89_cryptolocker

  • Size

    46KB

  • Sample

    240125-avlttacbg6

  • MD5

    5203181bf9b9512d2286915018182d89

  • SHA1

    00d10b1908b9d341bfcc7970a3c52181504001a3

  • SHA256

    15828ec94ad311e0ddd5d863266c7f880e37c65d3b3584a199ef7266d1e5f978

  • SHA512

    0ef2f579050ef87e9f7d2f22ab171ecd39d9a8457e3b11156405047f08c606fd162cd85dd7fb2e3c4a30d7b415c573f2d07e8b13a4ecba12d8c601193845ef49

  • SSDEEP

    384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/3lQIq0:XS5nQJ24LR1bytOOtEvwDpjNbP/3lAK

Score
10/10

Targets

    • Target

      2024-01-25_5203181bf9b9512d2286915018182d89_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
