General

  • Target

    2024-02-23_09d3a990dd83668d4d9b542898b6a068_cryptolocker

  • Size

    28KB

  • Sample

    240223-ld4h3sef69

  • MD5

    09d3a990dd83668d4d9b542898b6a068

  • SHA1

    8980670d331947a9aef93fc2913c0ebc7860ae39

  • SHA256

    3f10149a0cf764ae340d96ce2a15a16bd2a94067540dac6310482c587dad5cb0

  • SHA512

    6b17e9f4a1a5fa0d6a84f51f8bfa5fc714e53a8dbb58b8b00c69638319fd504c7c9d5dcee302925e41f8a8b7071125b13c0728162610deb8e7fdb3b6f7e5ad3a

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zznum+Ui:b/yC4GyNM01GuQMNXum+n

Score
10/10

Malware Config

Targets

    • Target

      2024-02-23_09d3a990dd83668d4d9b542898b6a068_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
