General

  • Target

    2024-01-25_4cd3a29d372d377824f3bfcc83fa7bbe_cryptolocker

  • Size

    40KB

  • Sample

    240125-pm9y1agdbk

  • MD5

    4cd3a29d372d377824f3bfcc83fa7bbe

  • SHA1

    357f65e899e19244ca7e91716913d2ac7514040b

  • SHA256

    221cec84d41785f07459ef829b9cf3d7774a7af5b8beea8bddba36f9a0cddeaf

  • SHA512

    35d2522f0e39cf22c9764cecbaacb23d929c91062938ccacad982a27fbe9f3404758bc20d9b4d92ba71293661a10e919b01711a6b0cd3eea2954979d71c3280a

  • SSDEEP

    384:60VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26aIIcVRYpetOOtEvwDpjqIGRmdHzOOg:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/e

Score
10/10

Targets

    • Target

      2024-01-25_4cd3a29d372d377824f3bfcc83fa7bbe_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
