General

  • Target

    2024-03-11_5ff652ebe513b33017769c2efc66172b_cryptolocker

  • Size

    42KB

  • Sample

    240311-rtxclahb65

  • MD5

    5ff652ebe513b33017769c2efc66172b

  • SHA1

    b817e2d203dc23e531cef44dcb9a19c4d15c47ea

  • SHA256

    945623d7efb32455e10842acd748070a2bfc43c16cb88e765db928ed6004fa6d

  • SHA512

    09b9c49f875195204553843fb5c3f69c52ec306f3a3e0a2499f4114895ce7c25c2ca8a61bb76ea51342f1145c9d07792a16618e9cd24820717edb9a51772070f

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6n8i:6j+1NMOtEvwDpjrR8i

Score
10/10

Malware Config

Targets

    • Target

      2024-03-11_5ff652ebe513b33017769c2efc66172b_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
