General

  • Target

    2024-02-24_5bbc9b0a3ed35c07514a05d02afc6747_cryptolocker

  • Size

    62KB

  • Sample

    240224-qvmdcadb47

  • MD5

    5bbc9b0a3ed35c07514a05d02afc6747

  • SHA1

    ca340e5b33c57b6d2db69eb8d8e3d7d65f94794f

  • SHA256

    4afc54992723309193e52259aacf54f8b58bfd1cbac3abcf9f32b5f61826952b

  • SHA512

    bc2e3c4f54e0abbfd12fc8589d2b024ec9420a6eddf60dd47465d3e6778f0fe917137f814497e537e8e71481e0a82ac87bb8076e66d997ea97a98c4ac60be9bc

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEISL:6j+1NMOtEvwDpjr8ox8UDE3L

Score
10/10

Malware Config

Targets

    • Target

      2024-02-24_5bbc9b0a3ed35c07514a05d02afc6747_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
