General

  • Target

    2024-02-17_b54d69e195e7bf58059ccb8e4097699f_cryptolocker

  • Size

    39KB

  • Sample

    240217-p4gnsafa61

  • MD5

    b54d69e195e7bf58059ccb8e4097699f

  • SHA1

    d290f74094900cba2dd920d3dca76786dd499ab1

  • SHA256

    a317639722884e0ccc202901dce53176b38ce3d849cd0311c2398485d493dc78

  • SHA512

    00a29b9bbcedac15c8861a39f33b8b6bb3dbf353f142888fbb87641b89db56aaac05c9b2c9f4b5b99ba2cd5b6d320f7b9a1ba665b6bfb9b90aef621b1792228a

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AJvDSuYlWjj:b/yC4GyNM01GuQMNXw2PSjHPbSuYlWn

Score
10/10

Targets

    • Target

      2024-02-17_b54d69e195e7bf58059ccb8e4097699f_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
