19718fa90ff6566c3a7c5ce865dfc7cb1e932b10bbc94a5e808b3470ae30d77b | Triage

Submit
Reports

Overview

overview

Static

static

2024-03-12...er.exe

windows7-x64

9

2024-03-12...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-12_d7a9aa11221e1bbbfe0047634caea53c_cryptolocker
Size

60KB
Sample

240312-jkl69sbh5z
MD5

d7a9aa11221e1bbbfe0047634caea53c
SHA1

fca7bf31bde2adfcaef22999e17b8895dbbc8222
SHA256

19718fa90ff6566c3a7c5ce865dfc7cb1e932b10bbc94a5e808b3470ae30d77b
SHA512

79a30fe64d7bf31e7ea3eb20784a8def33362011f7177b7a24f940ac23d140e8aea0cb4874a94776025d3deb8c7b5b36a86e13a4d4b2516747907afef495e6dd
SSDEEP

1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb614B:BbdDmjr+OtEvwDpjM2

Score

10^/10

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-03-12_d7a9aa11221e1bbbfe0047634caea53c_cryptolocker.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-03-12_d7a9aa11221e1bbbfe0047634caea53c_cryptolocker.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-12_d7a9aa11221e1bbbfe0047634caea53c_cryptolocker
- Size
  
  60KB
- MD5
  
  d7a9aa11221e1bbbfe0047634caea53c
- SHA1
  
  fca7bf31bde2adfcaef22999e17b8895dbbc8222
- SHA256
  
  19718fa90ff6566c3a7c5ce865dfc7cb1e932b10bbc94a5e808b3470ae30d77b
- SHA512
  
  79a30fe64d7bf31e7ea3eb20784a8def33362011f7177b7a24f940ac23d140e8aea0cb4874a94776025d3deb8c7b5b36a86e13a4d4b2516747907afef495e6dd
- SSDEEP
  
  1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb614B:BbdDmjr+OtEvwDpjM2
Score

9^/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy