General

  • Target

    2024-02-12_892fdb6b0dc45821790637e49ea314d9_cryptolocker

  • Size

    60KB

  • Sample

    240212-yvjw8abd8x

  • MD5

    892fdb6b0dc45821790637e49ea314d9

  • SHA1

    3648c1f8a36245145a22061d2bdf9ed9affb3ed4

  • SHA256

    514618f298a8d6dd40d54a2a4d3d498f1e369738b53bde424ca5948f07b36c76

  • SHA512

    04cbf26893ec78da023b935b82c94da19ef720ad137929fe2e0507d1e5a6fffabd671efe61e78b32678e6f962b88f9cdfe502b367a922d10a74ffd1fd1a42a74

  • SSDEEP

    1536:ZzFbxmLPWQMOtEvwDpj38lD/cMAT+lBO+:ZVxkGOtEvwDpjS

Score
10/10

Malware Config

Targets

    • Target

      2024-02-12_892fdb6b0dc45821790637e49ea314d9_cryptolocker

    • Size

      60KB

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Defense Evasion

  • Subvert Trust Controls (T1553): 1

    • Install Root Certificate (T1553.004): 1

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks