63e617d8671d181d7706c75826638e352a58b8b0ac08b22cb94f4f512119d097 | Triage

Submit
Reports

Overview

overview

Static

static

2024-02-13...er.exe

windows7-x64

9

2024-02-13...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-02-13_b7b84f138fd7122931e9aaea9cd3bd20_cryptolocker
Size

34KB
Sample

240213-gywlraba3x
MD5

b7b84f138fd7122931e9aaea9cd3bd20
SHA1

31c896bace2e3a989ed053c92edd9efe6106f865
SHA256

63e617d8671d181d7706c75826638e352a58b8b0ac08b22cb94f4f512119d097
SHA512

db4577d46d2f5a16f487c9dc668eda0cd771ccc57e775d855af867c0dbd15a685c92b16acaa2d9ba081ef10eeb3b584e3294dcb7ec79c2dc2cbdc411609f5300
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZYnFdk:b/yC4GyNM01GuQMNXw2PSj1PCnFdk

Score

10^/10

discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-02-13_b7b84f138fd7122931e9aaea9cd3bd20_cryptolocker.exe

Resource

win7-20231215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-02-13_b7b84f138fd7122931e9aaea9cd3bd20_cryptolocker.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-02-13_b7b84f138fd7122931e9aaea9cd3bd20_cryptolocker
- Size
  
  34KB
- MD5
  
  b7b84f138fd7122931e9aaea9cd3bd20
- SHA1
  
  31c896bace2e3a989ed053c92edd9efe6106f865
- SHA256
  
  63e617d8671d181d7706c75826638e352a58b8b0ac08b22cb94f4f512119d097
- SHA512
  
  db4577d46d2f5a16f487c9dc668eda0cd771ccc57e775d855af867c0dbd15a685c92b16acaa2d9ba081ef10eeb3b584e3294dcb7ec79c2dc2cbdc411609f5300
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZYnFdk:b/yC4GyNM01GuQMNXw2PSj1PCnFdk
Score

9^/10

discovery
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy