General

  • Target

    2024-02-18_8da77833d391f49aa632661b7ea081a4_cryptolocker

  • Size

    37KB

  • Sample

    240218-t98fxach26

  • MD5

    8da77833d391f49aa632661b7ea081a4

  • SHA1

    24b225e0b4200d70c68fc55d9c28cc67cd4fbf17

  • SHA256

    36e70d906aa5cece1176557864b018b5da95600d69a938284ee5700548ae6efe

  • SHA512

    0112f417ccda3bf86659d730d8ca679b9e5fd1b4fbb4514994d1f56e5b0821e715f522d991a6a2184325aecb40c4454bfd36db8c7ba88fcf3c3f2d55ec598fb2

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AJvDSuYlxuvC:b/yC4GyNM01GuQMNXw2PSjHPbSuYloC

Score
10/10

Targets

    • Target

      2024-02-18_8da77833d391f49aa632661b7ea081a4_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
