General

  • Target

    2024-02-22_10c24dcc69a62127ce58d390091a317e_cryptolocker

  • Size

    31KB

  • Sample

    240222-z84dfsfc6s

  • MD5

    10c24dcc69a62127ce58d390091a317e

  • SHA1

    77999bdef98ad0131c88956dd0d11463f45dd8ee

  • SHA256

    1306752b59ffdb15f4a3cd61c54cbc400d71207cee150dd67dd45e90987a7932

  • SHA512

    c0cab91d3c5a7d6a821ac06af3c22368581e55ef590262666435af17b56d8c27a2b1d48dadb9246d5d83a2f7c6519eb395b4ea5254f3fb1f9aa6f2f1d5051d60

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznUssoYY:b/yC4GyNM01GuQMNXw2PSjWoYY

Score
10/10

Targets

    • Target

      2024-02-22_10c24dcc69a62127ce58d390091a317e_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
