General

  • Target

    2024-03-18_832f7a9ba680bc04b86d50eefba571d9_cryptolocker

  • Size

    29KB

  • Sample

    240318-t4tqkadg81

  • MD5

    832f7a9ba680bc04b86d50eefba571d9

  • SHA1

    2f7e4ec0ca3780f3c136a27ac15a978814e5b952

  • SHA256

    dc0d5415e0c05228e5514160e59bed00dbb0f73fd0e2ae02fd622588f9c20b58

  • SHA512

    6eb540ee76d3f0e410f10614bee988519f74a5172ed5682303f88f29185078d97b6337311a2e156ffabaa30e9d93e5e6a05f7e640bd7f10cf263a083da998048

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zznum+Ux:b/yC4GyNM01GuQMNXum+4

Score
10/10

Targets

    • Target

      2024-03-18_832f7a9ba680bc04b86d50eefba571d9_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
