General

  • Target

    2024-02-25_8c97a51f262df1eb0687859c3d270fe0_cryptolocker

  • Size

    42KB

  • Sample

    240225-a5xdasab2v

  • MD5

    8c97a51f262df1eb0687859c3d270fe0

  • SHA1

    2929a45fba1090102b7dc51833c9acb067811c81

  • SHA256

    eeb8d3049585e298f12f9e01c5b0450e36a605a3b2f7468cd215140c50c8ae4f

  • SHA512

    b9bd8820bc5305ceb902ad87550752707065eb1d6e87cf837d65dbb57995a8a6750dd7f08c4f4445d30bb10d6a53d3c301e784a3c1fa1ed45862b599d3fa64b2

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvKO:6j+1NMOtEvwDpjr8hKO

Score
10/10

Targets

    • Target

      2024-02-25_8c97a51f262df1eb0687859c3d270fe0_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
