General

  • Target

    2024-02-22_aa64fef12286342a6b5de2fd9bfa853c_cryptolocker

  • Size

    31KB

  • Sample

    240222-wdfr5adc3v

  • MD5

    aa64fef12286342a6b5de2fd9bfa853c

  • SHA1

    ba4466c2fb7148c92849694d428a46dc07c5d3b9

  • SHA256

    a916bf519645d34dc9a55f47fb864b9074406be5311a88dd5193ddef8262a3e0

  • SHA512

    e206e59e7fc494197258ae65c08d459a7fd66d6741ba65b09f1185f972511f3168a867a875daed6850c3be789f4fbe84bc272c1639501ac818bf53aea6604909

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznUssoYL:b/yC4GyNM01GuQMNXw2PSjWoYL

Score
10/10

Targets

    • Target

      2024-02-22_aa64fef12286342a6b5de2fd9bfa853c_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
