Overview

overview

10

Static

static

10

2024-04-05...er.exe

windows7-x64

9

2024-04-05...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-05_df5d57f3fc8c0b83c5a36d8e1135b1bb_cryptolocker

  • Size

    31KB

  • Sample

    240405-sbpqgafe42

  • MD5

    df5d57f3fc8c0b83c5a36d8e1135b1bb

  • SHA1

    dae3218b61d40aefaf5c993a4299fd223f4dbf22

  • SHA256

    d186c0b0a7b96882f32743e28210608bca104d743a28a11644e4dcedeabc06ba

  • SHA512

    a795136e781a9dd91c9f2d0469bf4ce2c69de36eb9b73b50520e2357616a8fa8ea0d1ec0fbf47645930cf7250afc9053985c9ae9873349ec1343e6ec7fdb2d99

  • SSDEEP

    768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIO/xOcsTa:q0zizzOSxMOtEvwDpj/arMHTa

Score
10/10

Malware Config

Targets

    • Target

      2024-04-05_df5d57f3fc8c0b83c5a36d8e1135b1bb_cryptolocker

    • Size

      31KB

    • MD5

      df5d57f3fc8c0b83c5a36d8e1135b1bb

    • SHA1

      dae3218b61d40aefaf5c993a4299fd223f4dbf22

    • SHA256

      d186c0b0a7b96882f32743e28210608bca104d743a28a11644e4dcedeabc06ba

    • SHA512

      a795136e781a9dd91c9f2d0469bf4ce2c69de36eb9b73b50520e2357616a8fa8ea0d1ec0fbf47645930cf7250afc9053985c9ae9873349ec1343e6ec7fdb2d99

    • SSDEEP

      768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIO/xOcsTa:q0zizzOSxMOtEvwDpj/arMHTa

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks