General

  • Target

    2024-02-14_f461ca08a8f3d7c6ebbfc0b6ee2d820e_cryptolocker

  • Size

    84KB

  • Sample

    240214-dl9q3agf63

  • MD5

    f461ca08a8f3d7c6ebbfc0b6ee2d820e

  • SHA1

    230e89d21ffbff4a92fe1964f560e88e8bcaf17d

  • SHA256

    dcd1b6d8dca55844511dc887574115274cf482c9641a49adfbfcbf62eb1dd3b8

  • SHA512

    43bf566dbe11142a8e97ae02afa5f9157e4de5210c36f19a5980cbde6e349879b79aed319e1cecee73e1c9fda189ab5b3ad1b96f2a9f667a2845f88016ae6ada

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvP2x:i5nkFGMOtEvwDpjNbwQEI8UtzNcO82

Score
10/10

Targets

    • Target

      2024-02-14_f461ca08a8f3d7c6ebbfc0b6ee2d820e_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
