737381a0133108c716571e999906c1e6b0679795cbd2c239ee489a56445a263d | Triage

Submit
Reports

Overview

overview

Static

static

2024-02-22...er.exe

windows7-x64

9

2024-02-22...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-02-22_96d9da85217361cd41d7b8ecc11bfeef_cryptolocker
Size

38KB
Sample

240222-p3lw4she41
MD5

96d9da85217361cd41d7b8ecc11bfeef
SHA1

a607b7b9413562f3a3994e229548cc7ad4605025
SHA256

737381a0133108c716571e999906c1e6b0679795cbd2c239ee489a56445a263d
SHA512

d70df4f123722cfb52caec5f8c553cf1585ff1e7e9d1f3b18a12fea36c402f38e0a6c8238dc5916798b2d02f753f95d379d7ade07fbf393cdaa6b638c21e8307
SSDEEP

768:b/yC4GyNM01GuQMNXw2PSjHPbSuYluo8Q:b/pYayGig5HjS3sQ

Score

10^/10

discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-02-22_96d9da85217361cd41d7b8ecc11bfeef_cryptolocker.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-02-22_96d9da85217361cd41d7b8ecc11bfeef_cryptolocker.exe

Resource

win10v2004-20240221-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-02-22_96d9da85217361cd41d7b8ecc11bfeef_cryptolocker
- Size
  
  38KB
- MD5
  
  96d9da85217361cd41d7b8ecc11bfeef
- SHA1
  
  a607b7b9413562f3a3994e229548cc7ad4605025
- SHA256
  
  737381a0133108c716571e999906c1e6b0679795cbd2c239ee489a56445a263d
- SHA512
  
  d70df4f123722cfb52caec5f8c553cf1585ff1e7e9d1f3b18a12fea36c402f38e0a6c8238dc5916798b2d02f753f95d379d7ade07fbf393cdaa6b638c21e8307
- SSDEEP
  
  768:b/yC4GyNM01GuQMNXw2PSjHPbSuYluo8Q:b/pYayGig5HjS3sQ
Score

9^/10

discovery
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy