General

  • Target

    2024-02-22_f335673f25f838240b76ee713f786f02_cryptolocker

  • Size

    31KB

  • Sample

    240222-zlcxzsfa51

  • MD5

    f335673f25f838240b76ee713f786f02

  • SHA1

    44f8e47f4393265c0ba78b6d36a2cedc1e03d77d

  • SHA256

    0edb5a71269986b02bfea9b1a16a0f7c4bdb73fe99083dacb2f30b524214d871

  • SHA512

    1b1c63b3e82c64840ab6df409b598b8fc1e0e66f913da4d8054159f67daa82ef628df1b7ecf8675983e6e3945f5aae4607aff246439fff3e0381c19b82bccff1

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn8YtI:b/yC4GyNM01GuQMNXw2PSj6

Score
10/10

Targets

    • Target

      2024-02-22_f335673f25f838240b76ee713f786f02_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
