General

  • Target

    2024-02-20_875eeb01eacd0e9e808ea6938f8d908f_cryptolocker

  • Size

    40KB

  • Sample

    240220-b4pgqsgh8v

  • MD5

    875eeb01eacd0e9e808ea6938f8d908f

  • SHA1

    1e6701d73b7cb1c460282f2a428dc1341a93a55e

  • SHA256

    cfdab62784a07a1b3422d4ba1519bed53c4db278307532f8c347c2f0db13cdd6

  • SHA512

    0ae47ba8ccf6f1fbc796badadf57d2b7fb2c3f7358c1c49400e3b033851b6b86269497e8bd3f1eba787d12533afc5e165baab74fee2afa4a332e3f1fec105c13

  • SSDEEP

    384:60VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26aIIcVRYpetOOtEvwDpjqIGRmdHzOOP:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/t

Score
10/10

Malware Config

Targets

    • Target

      2024-02-20_875eeb01eacd0e9e808ea6938f8d908f_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
