Overview

overview

10

Static

static

10

2024-04-06...er.exe

windows7-x64

9

2024-04-06...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-04-06_b414d2e657e7103940bb52f40a04041b_cryptolocker

  • Size

    29KB

  • Sample

    240406-flpr1abh39

  • MD5

    b414d2e657e7103940bb52f40a04041b

  • SHA1

    4c28560e520c4e7d63124cd00f240e38ed8371f0

  • SHA256

    a9834b9dfc4a87ce049d5496541eb94aa1d41c54d237cc55d14269473b4e953f

  • SHA512

    66ca4a2c1e3b6405698cb8093929428285d579f774cfbfce08bbd7e08a68ca8d1bb06b0809af84fc617289b35ff86c83f302be885d2f1ca6dc57a58fdd275e4d

  • SSDEEP

    384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUr766SJhp:bA74zYcgT/Ekd0ryfjQRSvp

Score
10/10

Malware Config

Targets

    • Target

      2024-04-06_b414d2e657e7103940bb52f40a04041b_cryptolocker

    • Size

      29KB

    • MD5

      b414d2e657e7103940bb52f40a04041b

    • SHA1

      4c28560e520c4e7d63124cd00f240e38ed8371f0

    • SHA256

      a9834b9dfc4a87ce049d5496541eb94aa1d41c54d237cc55d14269473b4e953f

    • SHA512

      66ca4a2c1e3b6405698cb8093929428285d579f774cfbfce08bbd7e08a68ca8d1bb06b0809af84fc617289b35ff86c83f302be885d2f1ca6dc57a58fdd275e4d

    • SSDEEP

      384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUr766SJhp:bA74zYcgT/Ekd0ryfjQRSvp

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks