General

  • Target

    2024-02-23_92aa3dfa8691f919541fd84daea2717a_cryptolocker

  • Size

    28KB

  • Sample

    240223-p2wd6agf43

  • MD5

    92aa3dfa8691f919541fd84daea2717a

  • SHA1

    6fc306fbb727b0dca9690704586dd4e332fa2f94

  • SHA256

    4fc821f8e0fab3f4f3c9698a75cd2e92a098c1a8552e52297d7e4a5d32d6a8a4

  • SHA512

    2de4cc3f8f448fec138f84e5d9b23fded8a44c28bfed0d01b76155ca5cff4eae2f6f0482f82c57fb4ae9777bc82744b050f7143ba3c55650cd436bc2c2fb1658

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zznum+UUA3:b/yC4GyNM01GuQMNXum+3A3

Score
10/10

Targets

    • Target

      2024-02-23_92aa3dfa8691f919541fd84daea2717a_cryptolocker

    • Size

      28KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.
