General

  • Target

    2024-02-25_c4d95b2dad5e054e8792667f8a0a29dd_cryptolocker

  • Size

    40KB

  • Sample

    240225-hfpadsea93

  • MD5

    c4d95b2dad5e054e8792667f8a0a29dd

  • SHA1

    d9a535b56d154f7556c82fec7a14ef70ad863258

  • SHA256

    4c9631ac3b186024f44e8a66bd46409b044bdb8ac650e2f3619dd0b04abeec97

  • SHA512

    f7aa1d5587111c83f7314f474513fe474c99d062df4a3357bdc93caab7d330d1be9d9b89d93997f20adbd61c4f7e969315518b4061e802711b4bc21440f6d230

  • SSDEEP

    768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRY/31:m5nkFNMOtEvwDpjG8hhXy/l

Score
10/10

Targets

    • Target

      2024-02-25_c4d95b2dad5e054e8792667f8a0a29dd_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
