General

  • Target

    2024-02-22_69abdb4fc297a17467611d3ec7acc649_cryptolocker

  • Size

    39KB

  • Sample

    240222-t2bf7sch39

  • MD5

    69abdb4fc297a17467611d3ec7acc649

  • SHA1

    72922b6c3b37df1e76db2c68d8efdc648e9f5858

  • SHA256

    964c10a157f0b011fe30e09d4051d187ddc23d4c8c2f440e9ada4d2a9ea95ed4

  • SHA512

    4e764ab72bc95430d2cb88072d704f3ee658bad08ad373a795c1215730e15496a25c76660750a95d9dd12b232d2038fb2589bccf1bb2fd433b21a08d68e1fedd

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AJvDSuYlmoH8Ns:b/yC4GyNM01GuQMNXw2PSjHPbSuYlZcy

Score
10/10

Targets

    • Target

      2024-02-22_69abdb4fc297a17467611d3ec7acc649_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
