Overview

overview

10

Static

static

10

2024-02-12...er.exe

windows7-x64

9

2024-02-12...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-02-12_4cc6724f3ac4cc7451d3dce5931b5b6d_cryptolocker

  • Size

    46KB

  • Sample

    240212-ypm2pabd3x

  • MD5

    4cc6724f3ac4cc7451d3dce5931b5b6d

  • SHA1

    5d6c86a6b37c17762085d4849e1f83bb4962d4fb

  • SHA256

    7a1595818c8f14eb8d75be7d12c53882223c3fbf64c06070d520f60c5aae19f6

  • SHA512

    b73649f3d3a7ee52ff15260cdd7ad87ad5e0d612d150d6a6af86659a8c3a8655438c28264860cb2ee1b220ace3f336e934afec559c1dc8e067ddaa323125bb92

  • SSDEEP

    768:bgX4zYcgTEu6QOaryfjqDlC6JFbK37Yl6dg4:bgGYcA/53GAA6y37Q6d3

Score
10/10

Malware Config

Targets

    • Target

      2024-02-12_4cc6724f3ac4cc7451d3dce5931b5b6d_cryptolocker

    • Size

      46KB

    • MD5

      4cc6724f3ac4cc7451d3dce5931b5b6d

    • SHA1

      5d6c86a6b37c17762085d4849e1f83bb4962d4fb

    • SHA256

      7a1595818c8f14eb8d75be7d12c53882223c3fbf64c06070d520f60c5aae19f6

    • SHA512

      b73649f3d3a7ee52ff15260cdd7ad87ad5e0d612d150d6a6af86659a8c3a8655438c28264860cb2ee1b220ace3f336e934afec559c1dc8e067ddaa323125bb92

    • SSDEEP

      768:bgX4zYcgTEu6QOaryfjqDlC6JFbK37Yl6dg4:bgGYcA/53GAA6y37Q6d3

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks