General

  • Target

    2024-01-28_b5b33cd16699d3d7b3e46a677eb9a862_cryptolocker

  • Size

    46KB

  • Sample

    240128-mktg5aggh4

  • MD5

    b5b33cd16699d3d7b3e46a677eb9a862

  • SHA1

    91b76b09e72171790a6bb66a339ae29c66fc0dd5

  • SHA256

    71e6438c1d8627e3de62880517f7414a7d9ff1173d7ea5f6f6774a8c2a239603

  • SHA512

    f08eacebf2752c9e1ea737692b7503651aeb92fb11b648d94cb4b2fb31e4c555e77006aff8362e0d819f505d1db2f68fff19bfb096e66b1e0d56813b3577e4e1

  • SSDEEP

    384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/7IQr:XS5nQJ24LR1bytOOtEvwDpjNbP/MQr

Score
10/10

Targets

    • Target

      2024-01-28_b5b33cd16699d3d7b3e46a677eb9a862_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
