General

  • Target

    2024-04-06_597a378e8e0985f9f433996fc450c3f7_cryptolocker

  • Size

    34KB

  • Sample

    240406-ay2dnsff51

  • MD5

    597a378e8e0985f9f433996fc450c3f7

  • SHA1

    14e163cae35a01c75c970257f87b1b34068382b6

  • SHA256

    d71cc71c3d20e89b28c3e109e683e8abfa1897376c4e7c4c0b8fe95f4e80e058

  • SHA512

    c9713ba6ab94b72ab6d311456e43b76f86eca60d85c041609af767e140fd252ff1b295c5a34244c6d86f7e5f620f2c1debe7d7a6683cc8c2e8d1de9806c196a8

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStwIoIQ+dHd9PTQ6:b/yC4GyNM01GuQMNXw2PSjS2uvdHd9s6

Score
10/10

Malware Config

Targets

    • Target

      2024-04-06_597a378e8e0985f9f433996fc450c3f7_cryptolocker

    • Size

      34KB

    • MD5

      597a378e8e0985f9f433996fc450c3f7

    • SHA1

      14e163cae35a01c75c970257f87b1b34068382b6

    • SHA256

      d71cc71c3d20e89b28c3e109e683e8abfa1897376c4e7c4c0b8fe95f4e80e058

    • SHA512

      c9713ba6ab94b72ab6d311456e43b76f86eca60d85c041609af767e140fd252ff1b295c5a34244c6d86f7e5f620f2c1debe7d7a6683cc8c2e8d1de9806c196a8

    • SSDEEP

      384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStwIoIQ+dHd9PTQ6:b/yC4GyNM01GuQMNXw2PSjS2uvdHd9s6

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

MITRE ATT&CK Enterprise v15

Tasks