General

  • Target

    2024-02-12_e123d9e2119155590e5df1a1f21a52f0_cryptolocker

  • Size

    39KB

  • Sample

    240212-n1gzpsec52

  • MD5

    e123d9e2119155590e5df1a1f21a52f0

  • SHA1

    7e313973f5cf86c5ddf0f8a2f2fec93f2db30cd6

  • SHA256

    41feeca97c660844f8f15c05364d44e5c6b8cff65bb80a85edbf5bc93d2e1bfb

  • SHA512

    bf130afe318ecff157c8b8cc2ccc3164694b5b541242dd49daad4a95c37fec6f40629187a0074013403b39c2b91067f2ef4aa06ba3f93d7c498776ee6b1abf0b

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AJvDSuYlWjp:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW9

Score
10/10

Targets

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
