General

  • Target

    2024-02-22_f951ec5a685e1ba9d5041a46682f3606_cryptolocker

  • Size

    38KB

  • Sample

    240222-2pc39sga7s

  • MD5

    f951ec5a685e1ba9d5041a46682f3606

  • SHA1

    f9ecc4c2979fd747258c84287b718a141720d70c

  • SHA256

    048fcc7d8cda5d76e448cd478f0983a71f7231a332a1fe6ee85410b09cf676b6

  • SHA512

    411d99cf373a713f2380a81f11d0e942ddd5f87415fd8ade8006fe4a0cd5f100862fb05b6d893cfda6231e9ed4111c89d72ebc8ff167f6d69c31c23ced1cc9ff

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AJvDSuYlxugfk:b/yC4GyNM01GuQMNXw2PSjHPbSuYlC

Score
10/10

Malware Config

Targets

    • Target

      2024-02-22_f951ec5a685e1ba9d5041a46682f3606_cryptolocker

    • Size

      38KB

    • MD5

      f951ec5a685e1ba9d5041a46682f3606

    • SHA1

      f9ecc4c2979fd747258c84287b718a141720d70c

    • SHA256

      048fcc7d8cda5d76e448cd478f0983a71f7231a332a1fe6ee85410b09cf676b6

    • SHA512

      411d99cf373a713f2380a81f11d0e942ddd5f87415fd8ade8006fe4a0cd5f100862fb05b6d893cfda6231e9ed4111c89d72ebc8ff167f6d69c31c23ced1cc9ff

    • SSDEEP

      384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AJvDSuYlxugfk:b/yC4GyNM01GuQMNXw2PSjHPbSuYlC

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

MITRE ATT&CK Enterprise v15

Tasks