General

  • Target

    2024-01-26_4bd2e01ff9a79f0fd448f5a8a40e8a79_cryptolocker

  • Size

    40KB

  • Sample

    240126-e24qeseah7

  • MD5

    4bd2e01ff9a79f0fd448f5a8a40e8a79

  • SHA1

    a23852bed98f7023ae304f0bc8632b151ad99218

  • SHA256

    96f2952364c593f80a87b3f76d83412d9b85321c9116318a88de2cb3911f2927

  • SHA512

    0f279d65920ba2a61dcba5602fc10955d1bc56f6771f55c7103e33b46bf9004c73181b6423264fab1861503cf6c7fc16b2a2137a5b371bcf2ecb27e7330ebb14

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAz:b/pYayGig5HjS3NPAz

Score
10/10

Targets

    • Target

      2024-01-26_4bd2e01ff9a79f0fd448f5a8a40e8a79_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
