e3a2fa60b3b2058415907b34d9e9e238e700ef775c418497e866e8ca4ee6695d | Triage

Submit
Reports

Overview

overview

Static

static

2024-02-12...er.exe

windows7-x64

9

2024-02-12...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-02-12_c777594c1ba2d752427acccc028eacc9_cryptolocker
Size

41KB
Sample

240212-b6968aeh5s
MD5

c777594c1ba2d752427acccc028eacc9
SHA1

1b1672d1e9eb4b766ecb47275f25614909d41965
SHA256

e3a2fa60b3b2058415907b34d9e9e238e700ef775c418497e866e8ca4ee6695d
SHA512

11f54b61a52cc068cf657d807bf969cfb8a412e6df741d2c23bbb47baa3383b0597268a760eb4ee312ce7e238aab367abfa43c4089aaec5a98b17272ca9bb43d
SSDEEP

768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PArH:b/pYayGig5HjS3NPAL

Score

10^/10

discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-02-12_c777594c1ba2d752427acccc028eacc9_cryptolocker.exe

Resource

win7-20231215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-02-12_c777594c1ba2d752427acccc028eacc9_cryptolocker.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-02-12_c777594c1ba2d752427acccc028eacc9_cryptolocker
- Size
  
  41KB
- MD5
  
  c777594c1ba2d752427acccc028eacc9
- SHA1
  
  1b1672d1e9eb4b766ecb47275f25614909d41965
- SHA256
  
  e3a2fa60b3b2058415907b34d9e9e238e700ef775c418497e866e8ca4ee6695d
- SHA512
  
  11f54b61a52cc068cf657d807bf969cfb8a412e6df741d2c23bbb47baa3383b0597268a760eb4ee312ce7e238aab367abfa43c4089aaec5a98b17272ca9bb43d
- SSDEEP
  
  768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PArH:b/pYayGig5HjS3NPAL
Score

9^/10

discovery
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy