General

  • Target

    2024-02-23_2bc0c9b80443614e24c9d88401e365f2_cryptolocker

  • Size

    42KB

  • Sample

    240223-lharkaeb6w

  • MD5

    2bc0c9b80443614e24c9d88401e365f2

  • SHA1

    9498f096a2f5b3b359e0eff66fe606969bae5c5b

  • SHA256

    8339139e1e13b66c0eb0837862df627ae6501d1350056aeac1990e793ae94966

  • SHA512

    9ec28551df72bb64b7e8646fe15aa6939fd40613088fb44d84a1f8976d08d921165d548b8659faa718adb7849d7af5bf697a2c75bf473cd1372941f5ad8fe5f8

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAu:b/pYayGig5HjS3NPAu

Score
10/10

Targets

    • Target

      2024-02-23_2bc0c9b80443614e24c9d88401e365f2_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
