General

  • Target

    2024-02-23_411cacdde95dcfc12bdc252636a8d50d_cryptolocker

  • Size

    35KB

  • Sample

    240223-ljnptaeg36

  • MD5

    411cacdde95dcfc12bdc252636a8d50d

  • SHA1

    aec41bbc852cd9651ef6681e218ccefd0523b7ba

  • SHA256

    5e9569782606cbc7ab7802edf16b2a7201d1422294d7a19153dcc07f8ce3301b

  • SHA512

    fde2472d7d813d391f5335d80a99fd77f5a9fad6d2349792b9a2c8787c84e0016ee8b41452810ac091c11831f12865620e485fc195d0908a50fd129cdf663c43

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8I+:b/yC4GyNM01GuQMNXw2PSj1Pqq8X

Score
10/10

Targets

    • Target

      2024-02-23_411cacdde95dcfc12bdc252636a8d50d_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
