General

  • Target

    2024-03-26_81b93562c59e57d527f7104a3b890be3_cryptolocker

  • Size

    59KB

  • Sample

    240326-v428daff39

  • MD5

    81b93562c59e57d527f7104a3b890be3

  • SHA1

    dce32948bdbb533416e681798006d917b4336ed4

  • SHA256

    e2c1935162812c0ef3cc6c76cf0f01266e6b82db51a68a76336ac91aabe61151

  • SHA512

    84fa3db09c7853e15aa8033275d773ba448d165384f318c2ebc152f8e33e94ecada6df0510106d1e331d00488c182e90660aa5a4f110cb03863cb13abdb8374d

  • SSDEEP

    1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61PT5:BbdDmjr+OtEvwDpjMb

Score
10/10

Targets

    • Target

      2024-03-26_81b93562c59e57d527f7104a3b890be3_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
