General

  • Target

    2024-02-24_5bb83b42b41aa42297fcbc9b2b1f9f1c_cryptolocker

  • Size

    55KB

  • Sample

    240224-ebwbcshb4x

  • MD5

    5bb83b42b41aa42297fcbc9b2b1f9f1c

  • SHA1

    4a37dd2fe44e0aac52493c1f9dbd1b00fa3873e9

  • SHA256

    9fdc24e6a90a9d127bd8595e6d04f30d6f080fc394a0008ca1135ac443542374

  • SHA512

    d95fbc4d0d05d9ab5c4f2cebdec4b7847f70999856af4d098f07695dd43b54591e398257dc6747e6352661dfbe9c35596523b609420acb07d6bb503af0012d82

  • SSDEEP

    1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61T:BbdDmjr+OtEvwDpjMF

Score
10/10

Malware Config

Targets

    • Target

      2024-02-24_5bb83b42b41aa42297fcbc9b2b1f9f1c_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks