General

  • Target

    2024-03-11_49e2381907de5a8a86c5b6b8a157527a_cryptolocker

  • Size

    38KB

  • Sample

    240311-e3nqlacc8s

  • MD5

    49e2381907de5a8a86c5b6b8a157527a

  • SHA1

    1c08198d48380f71d91baa8cc7d68ffaaca078f2

  • SHA256

    e31c4ad4afc16b05e040c291d402b2121f9fb66fa8cf5bf983b8d6633f72104e

  • SHA512

    9e969f8f340f42a8c4b56158a94437408125261a4faa1128bfa4e351d42acb4ffd5d24a84a479bba299ced87da14b694f348c2417678e36a183a396b2764898f

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AJvDSuYlWnM:b/yC4GyNM01GuQMNXw2PSjHPbSuYlWM

Score
10/10

Targets

    • Target

      2024-03-11_49e2381907de5a8a86c5b6b8a157527a_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
