General

  • Target

    2024-02-22_5c1398d8bf8f62c68ea581b470a2c497_cryptolocker

  • Size

    34KB

  • Sample

    240222-v75gxadf22

  • MD5

    5c1398d8bf8f62c68ea581b470a2c497

  • SHA1

    eddc234dd6f340c4e5997a5cc03c54dbe186c345

  • SHA256

    7a5acd9fd0adcb951f40cfe533c8f7dd9f7a19ba56487b3b606108097f976c53

  • SHA512

    d3b041b732d86763977e828fd60807ce147085fe27649e4e99762442e7a264ce69230f19c8cad33c1acf2c7d7f9041a8c7ef638202cdca113f70187d6faad4f4

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6A0X/EIjNc9:b/yC4GyNM01GuQMNXw2PSjH+PPNc9

Score
10/10

Targets

    • Target

      2024-02-22_5c1398d8bf8f62c68ea581b470a2c497_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
