Overview

overview

10

Static

static

10

2024-02-12...er.exe

windows7-x64

9

2024-02-12...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-02-12_663ece3fb9dd1f42bf7c43552bacc260_cryptolocker

  • Size

    29KB

  • Sample

    240212-ge44sadh2y

  • MD5

    663ece3fb9dd1f42bf7c43552bacc260

  • SHA1

    c9b9f1434b3c290726f4012ee4be4e911bf22029

  • SHA256

    6adb092e6634057f0d0ac60eb42d6f65a7fa939451f0810bea0ec0519e601b83

  • SHA512

    5c9921d7711eb6a458e6e8af0c2b693a3aaaf40aeae8f4b1ea34697d426ba11f954cdd67823674976beea9c1ec11f6e7704615382c3cfca6cf00353495dcb4b2

  • SSDEEP

    768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIO/xOch:q0zizzOSxMOtEvwDpj/arMQ

Score
10/10

Malware Config

Targets

    • Target

      2024-02-12_663ece3fb9dd1f42bf7c43552bacc260_cryptolocker

    • Size

      29KB

    • MD5

      663ece3fb9dd1f42bf7c43552bacc260

    • SHA1

      c9b9f1434b3c290726f4012ee4be4e911bf22029

    • SHA256

      6adb092e6634057f0d0ac60eb42d6f65a7fa939451f0810bea0ec0519e601b83

    • SHA512

      5c9921d7711eb6a458e6e8af0c2b693a3aaaf40aeae8f4b1ea34697d426ba11f954cdd67823674976beea9c1ec11f6e7704615382c3cfca6cf00353495dcb4b2

    • SSDEEP

      768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIO/xOch:q0zizzOSxMOtEvwDpj/arMQ

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks