General

  • Target

    2024-03-02_b1c38c5beea330b94b80a97980a96762_cryptolocker

  • Size

    390KB

  • Sample

    240302-zp14zshg89

  • MD5

    b1c38c5beea330b94b80a97980a96762

  • SHA1

    5e3647cbb76dc43998922e4ebaa741ea7d34126e

  • SHA256

    2514a2fe3d78d5974c2c3b080d20707f95653cd1892be272733264f202de24ac

  • SHA512

    2054280aaa0d94582c1b45e4ff8f7986ea01c212f813a551f908b648f49988a955deaea259ed5d264c610b7c9024231945ced3685d4ce2132e75552a86442a7a

  • SSDEEP

    6144:rWmw0EuCN0pLWgTO3x5N22vWvLRKKAX5l++SybIvCQAISbg:rWkEuCaNT85I2vCMX5l+ZRvmIf

Malware Config

Targets

    • Target

      2024-03-02_b1c38c5beea330b94b80a97980a96762_cryptolocker

    • Size

      390KB

    • MD5

      b1c38c5beea330b94b80a97980a96762

    • SHA1

      5e3647cbb76dc43998922e4ebaa741ea7d34126e

    • SHA256

      2514a2fe3d78d5974c2c3b080d20707f95653cd1892be272733264f202de24ac

    • SHA512

      2054280aaa0d94582c1b45e4ff8f7986ea01c212f813a551f908b648f49988a955deaea259ed5d264c610b7c9024231945ced3685d4ce2132e75552a86442a7a

    • SSDEEP

      6144:rWmw0EuCN0pLWgTO3x5N22vWvLRKKAX5l++SybIvCQAISbg:rWkEuCaNT85I2vCMX5l+ZRvmIf

    • CryptoLocker

      Ransomware family with multiple variants.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks