Overview

overview

10

Static

static

10

2024-02-28...er.exe

windows7-x64

9

2024-02-28...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-02-28_c74e6d34f7500848d1196d329376116d_cryptolocker

  • Size

    40KB

  • Sample

    240228-zm6xfsde5w

  • MD5

    c74e6d34f7500848d1196d329376116d

  • SHA1

    0db5d27d48ab2eee0116ccc76e7901d840362951

  • SHA256

    31f5a7dc6c30af9540a4dfc4aba62855e8a1e77ec94d281043fa694ff21bc75a

  • SHA512

    ba0fc1b7662644bfa71bee4b6db658d042baa4a80ffe2c335af521dd39c9a001c2cba94f0ea227b6aef05b70289835d6d4b6b8a2b9a9b9ffff46b21e244bcc54

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlE2PcE:b/pYayGig5HjS3+2kE

Score
10/10
discovery

Malware Config

Targets

    • Target

      2024-02-28_c74e6d34f7500848d1196d329376116d_cryptolocker

    • Size

      40KB

    • MD5

      c74e6d34f7500848d1196d329376116d

    • SHA1

      0db5d27d48ab2eee0116ccc76e7901d840362951

    • SHA256

      31f5a7dc6c30af9540a4dfc4aba62855e8a1e77ec94d281043fa694ff21bc75a

    • SHA512

      ba0fc1b7662644bfa71bee4b6db658d042baa4a80ffe2c335af521dd39c9a001c2cba94f0ea227b6aef05b70289835d6d4b6b8a2b9a9b9ffff46b21e244bcc54

    • SSDEEP

      768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlE2PcE:b/pYayGig5HjS3+2kE

    Score
    9/10
    discovery

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks