General

  • Target

    2024-02-04_8a64aaae86bf03611c49164c4c92b37c_cryptolocker

  • Size

    149KB

  • Sample

    240204-rwf4dsbhc4

  • MD5

    8a64aaae86bf03611c49164c4c92b37c

  • SHA1

    0672fb1b5b609227170177339f9928e245f4342f

  • SHA256

    34a37c14dface77f812683379e78a4325fb147c1b09699a8e1ff48c4aad1547d

  • SHA512

    b406bade6bad585c77d63d57530df2bc978c36e3234f02308f4414906f04d9e03e55a3f5ce72823ea50ae4e873c052274cd4ceaab8da54c7c890d52b8c2ead7d

  • SSDEEP

    1536:V6QFElP6n+gMQMOtEvwDpjQGYQbxGYQbxGYQbPlooHPPFYrPl:V6a+pOtEvwDpjt22I

Score
10/10

Targets

    • Target

      2024-02-04_8a64aaae86bf03611c49164c4c92b37c_cryptolocker

    • Size

      149KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
