Overview

overview

10

Static

static

10

2024-02-03...er.exe

windows7-x64

9

2024-02-03...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-02-03_26a042a9b8307500bd5d88d848e0bf4f_cryptolocker

  • Size

    146KB

  • Sample

    240203-kbshcsfdbk

  • MD5

    26a042a9b8307500bd5d88d848e0bf4f

  • SHA1

    e8623b4978840bd327309e3c7744b817f1a0a0b5

  • SHA256

    d0462bd2b64e29b16b0985aaa0dd35280fb1a07ef2f6616377521786742463d3

  • SHA512

    383edc216e92dd446ea0b34869f545f1692144492d62c0d1ae8781bc50f23e94e9cdcd8739caf883981f3951c947aa1eac1ceff3bd7aaae74f837331400f1dde

  • SSDEEP

    1536:V6QFElP6n+gMQMOtEvwDpjQGYQbxGYQbxGYQbPlooHPPFb:V6a+pOtEvwDpjt22v

Score
10/10

Malware Config

Targets

    • Target

      2024-02-03_26a042a9b8307500bd5d88d848e0bf4f_cryptolocker

    • Size

      146KB

    • MD5

      26a042a9b8307500bd5d88d848e0bf4f

    • SHA1

      e8623b4978840bd327309e3c7744b817f1a0a0b5

    • SHA256

      d0462bd2b64e29b16b0985aaa0dd35280fb1a07ef2f6616377521786742463d3

    • SHA512

      383edc216e92dd446ea0b34869f545f1692144492d62c0d1ae8781bc50f23e94e9cdcd8739caf883981f3951c947aa1eac1ceff3bd7aaae74f837331400f1dde

    • SSDEEP

      1536:V6QFElP6n+gMQMOtEvwDpjQGYQbxGYQbxGYQbPlooHPPFb:V6a+pOtEvwDpjt22v

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks