General

  • Target

    2024-02-13_1e248c063f6da07878c712199e25c5e6_cryptolocker

  • Size

    31KB

  • Sample

    240213-ja4nkadg73

  • MD5

    1e248c063f6da07878c712199e25c5e6

  • SHA1

    19f87573c939cc33be494e3ea54014522fc63b0e

  • SHA256

    3694fa10345c73729129f69a2d41ecfeacf074d67744b8f50f49e3c33f64a77d

  • SHA512

    f35e5803a5b700eec1ea0c0d4dc57540aa6d98c226ffab6385a0dce75f324781f67dcde17edf9774dbcab1ade59ad12f0fe0514985f6f4ae94155dab4fe0458c

  • SSDEEP

    768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIOc+4tHmNO:q0zizzOSxMOtEvwDpj/arqcO

Score
10/10

Malware Config

Targets

    • Target

      2024-02-13_1e248c063f6da07878c712199e25c5e6_cryptolocker

    • Size

      31KB

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks