Overview

overview

10

Static

static

10

2024-03-08...er.exe

windows7-x64

9

2024-03-08...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-03-08_7ab55871ab052d4890cb4f0f8886bd64_cryptolocker

  • Size

    45KB

  • Sample

    240308-ybt8vafc9t

  • MD5

    7ab55871ab052d4890cb4f0f8886bd64

  • SHA1

    2bcf70703009fb14510507303a8fec90f99693b2

  • SHA256

    7e1c038cf61be743a017ad9c2117c5bb318d0c4848a3579242b9e04f1eaf26b4

  • SHA512

    23066209ce2a1f696d9e9a3e17712cb2a47295fe58139f9ce733a32fd47a643d7580836e0e50edf67b5601ed2ffeaaccaa0077c96905f4b405b191fcb81cd4ed

  • SSDEEP

    384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/BdJ:XS5nQJ24LR1bytOOtEvwDpjNbP/bJ

Score
10/10

Malware Config

Targets

    • Target

      2024-03-08_7ab55871ab052d4890cb4f0f8886bd64_cryptolocker

    • Size

      45KB

    • MD5

      7ab55871ab052d4890cb4f0f8886bd64

    • SHA1

      2bcf70703009fb14510507303a8fec90f99693b2

    • SHA256

      7e1c038cf61be743a017ad9c2117c5bb318d0c4848a3579242b9e04f1eaf26b4

    • SHA512

      23066209ce2a1f696d9e9a3e17712cb2a47295fe58139f9ce733a32fd47a643d7580836e0e50edf67b5601ed2ffeaaccaa0077c96905f4b405b191fcb81cd4ed

    • SSDEEP

      384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/BdJ:XS5nQJ24LR1bytOOtEvwDpjNbP/bJ

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks