General

  • Target

    2024-02-23_76d908342030a91f397ac49f8947ce60_cryptolocker

  • Size

    42KB

  • Sample

    240223-lqklqseh45

  • MD5

    76d908342030a91f397ac49f8947ce60

  • SHA1

    d2c399460f711986a7e23a7c35713ba8978541c2

  • SHA256

    13448075403b511ca1577496a89d23e64af097f838a433b0f9d45c4aad17b367

  • SHA512

    913a77beb0e417b0d93d4dae230485e1720c39465ab92d9b2caa1d4ebbc85ecf8a3dde606d59e8a3d6cc287338caf7cdecb5ca7f8ba015b924fd09cd4af05612

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAZ:b/pYayGig5HjS3NPAZ

Score
10/10

Malware Config

Targets

    • Target

      2024-02-23_76d908342030a91f397ac49f8947ce60_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

MITRE ATT&CK Enterprise v15

Tasks