General

  • Target

    2024-03-11_00c0e4473b751043044131ac0af93a2d_cryptolocker

  • Size

    32KB

  • Sample

    240311-ezskdabh34

  • MD5

    00c0e4473b751043044131ac0af93a2d

  • SHA1

    1b0b003f8d0772bdf780f22b7d06cf3f2ee65702

  • SHA256

    c3ca886116891be158e2b71a9e8dbdd6b30f572313889c01bbecf8afcfe9e8d5

  • SHA512

    d55423255e68da35f22dc5a2141a3902570cbd89befc7c7217de22f3f2b59ef91aff0cd8a867a6827afcc7da8f69a56dd6e367483dcbf874c55e6ecedbdb2679

  • SSDEEP

    768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIOc+4tHbjuO:q0zizzOSxMOtEvwDpj/arq2O

Score
10/10

Malware Config

Targets

    • Target

      2024-03-11_00c0e4473b751043044131ac0af93a2d_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
