General

  • Target

    2024-02-23_60bfe906d800bf4e1d36e16442812187_cryptolocker

  • Size

    32KB

  • Sample

    240223-pvzg8sgd46

  • MD5

    60bfe906d800bf4e1d36e16442812187

  • SHA1

    b8c87c956d92c4427a6b79e4b00b6e98fdf09432

  • SHA256

    98d4374754b3c2f1d6cd2c79f705f85f63935fb00c7a67bc4c289b638ed85feb

  • SHA512

    ed470e6fef381cee01d6bc5260f17099d59b2758359da4cb093d7af4d0bacfa26e2c4554e8f7641e4d749dd4120388e5489b50afa209b77db5de6f1ce63d43bb

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznUsDk2:b/yC4GyNM01GuQMNXw2PSjZR

Score
10/10

Targets

    • Target

      2024-02-23_60bfe906d800bf4e1d36e16442812187_cryptolocker

    • Size

      32KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
