General

  • Target

    2024-02-23_47559e81c8cf479658054def899ec956_cryptolocker

  • Size

    31KB

  • Sample

    240223-sb2d9sce2s

  • MD5

    47559e81c8cf479658054def899ec956

  • SHA1

    3f595c837aa4c8c4c97556511d9f3ab49e566154

  • SHA256

    285c36212b52ad071f1d25b454a28b56b2af9714fb267fc85960d2bdf24eb566

  • SHA512

    1ebe760f8e6fd4726219038e94ce9c7e9f32952f5563dfdfb5232cfcdebab12f6ad963684af3079d5c952be11535414372ef3941386dcd1fc00c4eb627d00cc2

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznUssot:b/yC4GyNM01GuQMNXw2PSjWot

Score
10/10

Targets

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
