General

  • Target

    2024-03-08_def0d8689cd1fa928bf6e88684e89ef2_cryptolocker

  • Size

    32KB

  • Sample

    240308-2gxspshc53

  • MD5

    def0d8689cd1fa928bf6e88684e89ef2

  • SHA1

    8edce692929ad218c53c6630b56b4e6baba80193

  • SHA256

    88a81537e0352aa82cdda7cbbebe0335ac8478dddfc3c639a91f5cd1bbfe1921

  • SHA512

    f1a2c1c723792abc9404df38a2be30fbadb6b4e968bd48f9eea7e9039be19ee56949e98a633d142e31f781d9c383d2bd17779a6d825dcbfb68676f61b18d0f6e

  • SSDEEP

    768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIOc+4tHbjT:q0zizzOSxMOtEvwDpj/arqL

Score
10/10
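The hashes above identify the file as submitted. Because the sandbox also reports a UPX dump taken at the original entry point, the unpacked payload is a second artifact with its own hashes, and an IOC list built only from the values above will miss it. The following Python is an added example, not part of the report or of the sandbox's own code: it matches a file against the report's hashes and, without pulling in pefile, walks the PE section table to look for the UPX0/UPX1 section names that stock UPX leaves behind. The PE blob it parses is constructed in the block purely to exercise the parser.

```python
import hashlib
import struct

# Hashes of the submitted file, copied from the report above. They describe the
# packed sample as received; a UPX dump taken at the OEP is a different file with
# different hashes, so keep both sets when you build IOC lists.
REPORT_HASHES = {
    "md5": "def0d8689cd1fa928bf6e88684e89ef2",
    "sha1": "8edce692929ad218c53c6630b56b4e6baba80193",
    "sha256": "88a81537e0352aa82cdda7cbbebe0335ac8478dddfc3c639a91f5cd1bbfe1921",
    "sha512": "f1a2c1c723792abc9404df38a2be30fbadb6b4e968bd48f9eea7e9039be19ee5"
              "6949e98a633d142e31f781d9c383d2bd17779a6d825dcbfb68676f61b18d0f6e",
}


def hash_bytes(data: bytes) -> dict:
    """Hex digests of a byte string, keyed by the same algorithm names the report uses."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes, report: dict = REPORT_HASHES) -> dict:
    """Per-algorithm match of `data` against the report's hashes (all True only for the real sample)."""
    digests = hash_bytes(data)
    return {name: digests[name] == value for name, value in report.items()}


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table by hand and return the section names in order."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                        # IMAGE_FILE_HEADER starts after "PE\0\0"
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size               # section table follows the optional header
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]   # IMAGE_SECTION_HEADER.Name
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Cheap static hint: stock UPX names its sections UPX0/UPX1/UPX2.

    Absence proves nothing (renamed sections, other packers); presence means the
    hashes above describe the wrapper and the payload must be dumped at the OEP.
    """
    return any(name.startswith("UPX") for name in pe_section_names(data))


def build_fake_pe(section_names) -> bytes:
    """CONSTRUCTED test input: a minimal PE header skeleton with the given section
    names. It is not executable and carries no code; it only exercises the parser."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)    # e_lfanew: PE signature right after the DOS header
    # Machine=i386, NumberOfSections, timestamp, symtab ptr, nsyms, SizeOfOptionalHeader=0, flags
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    # With SizeOfOptionalHeader == 0 the section table follows the COFF header directly.
    sections = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode("ascii"), 0, 0, 0, 0, 0, 0, 0, 0, 0x60000020)
        for name in section_names
    )
    return bytes(dos) + b"PE\0\0" + coff + sections


if __name__ == "__main__":
    blob = build_fake_pe(["UPX0", "UPX1", ".rsrc"])
    print("sections:", pe_section_names(blob))
    print("UPX hint:", looks_upx_packed(blob))
    print("matches report:", matches_report(blob))
```

Run it against a real sample by reading the file into `data` and calling `matches_report(data)` and `looks_upx_packed(data)`; the SSDEEP value in the report is not reproduced here because it needs the external ssdeep library.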

Targets

    • Target

      2024-03-08_def0d8689cd1fa928bf6e88684e89ef2_cryptolocker


    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL
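The three behavioural signatures above (registry lookup of the configured country, execution of a file the sample wrote, loading of a DLL the sample wrote) are the kind of thing a detection engineer reproduces as rules over a process-scoped event stream. The Python below is an added example, not the report's content and not the sandbox's own signature logic. The event record layout, the sample event stream and the registry key names are constructed assumptions; the report does not say which key its signature matched, and `Geo\Nation` and `Locale` are only the usual places Windows keeps the configured country and locale.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Event:
    """One sandbox event. pid is the acting process; for proc_create it is the
    new process and `parent` is the creator. The layout is an ASSUMPTION."""
    pid: int
    kind: str          # "reg_read" | "file_write" | "proc_create" | "image_load"
    target: str        # file path or registry key
    parent: Optional[int] = None


# Registry values that expose the configured country/locale. Which exact key the
# report's signature matched is not stated; these are ASSUMED examples.
GEO_KEYS = (
    r"HKCU\Control Panel\International\Geo\Nation",
    r"HKCU\Control Panel\International\Locale",
)


def run_rules(events: List[Event], root_pid: int) -> List[Tuple[str, str]]:
    """Replay events and emit (signature, evidence) hits scoped to the sample's process tree."""
    tree = {root_pid}      # pids belonging to the sample and its descendants
    dropped = set()        # paths written by anything in that tree
    hits = []
    for ev in events:
        if ev.kind == "proc_create":
            if ev.parent not in tree:
                continue   # unrelated process activity in the sandbox
            tree.add(ev.pid)
        elif ev.pid not in tree:
            continue
        target = ev.target.lower()
        if ev.kind == "file_write":
            dropped.add(target)
        elif ev.kind == "proc_create" and target in dropped and target.endswith(".exe"):
            hits.append(("Executes dropped EXE", ev.target))
        elif ev.kind == "image_load" and target in dropped and target.endswith(".dll"):
            hits.append(("Loads dropped DLL", ev.target))
        elif ev.kind == "reg_read" and any(target.startswith(k.lower()) for k in GEO_KEYS):
            hits.append(("Checks computer location settings", ev.target))
    return hits


# CONSTRUCTED event stream standing in for a sandbox trace; not taken from the report.
SAMPLE_EVENTS = [
    Event(1000, "reg_read", r"HKCU\Control Panel\International\Geo\Nation"),
    Event(4, "file_write", r"C:\Windows\Prefetch\SAMPLE.EXE-1A2B3C4D.pf"),      # noise: System
    Event(1000, "file_write", r"C:\Users\victim\AppData\Local\Temp\svc.exe"),
    Event(1000, "file_write", r"C:\Users\victim\AppData\Local\Temp\helper.dll"),
    Event(1001, "proc_create", r"C:\Users\victim\AppData\Local\Temp\svc.exe", parent=1000),
    Event(2000, "proc_create", r"C:\Windows\System32\svchost.exe", parent=600),  # noise
    Event(1001, "image_load", r"C:\Windows\System32\kernel32.dll"),
    Event(1001, "image_load", r"C:\Users\victim\AppData\Local\Temp\helper.dll"),
]


if __name__ == "__main__":
    for sig, evidence in run_rules(SAMPLE_EVENTS, root_pid=1000):
        print(f"{sig:36} <- {evidence}")
```

The process-tree scoping is what keeps the "dropped" rules honest: a file written by an unrelated process and later executed is not evidence against the sample. The location lookup is also a detonation caveat: if the sample really is geofenced it may exit before showing its file-encryption behaviour in a sandbox whose locale is on its exclusion list, so a short or quiet trace after this signature is a reason to re-detonate with a different country setting rather than to downgrade the verdict.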
