Overview

overview

10

Static

static

10

2024-04-15...er.exe

windows7-x64

9

2024-04-15...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-15_8c27b54c42a9973e86315a04d4efd337_cryptolocker

  • Size

    36KB

  • Sample

    240415-lykayaea2w

  • MD5

    8c27b54c42a9973e86315a04d4efd337

  • SHA1

    351114bb7538a8196c10fb911f71f26cf3887667

  • SHA256

    bea795bea1e9d040fe321e4363254fab1a2688b8eb61d037098762345e784fee

  • SHA512

    6b5e599e66793b4ecdc0a59bea7f97bf22ad2959af4fc8cb0817428a21c6b19aff3465cb08418f83283d347d152433baf89215f37e9b1465c4e89f381bfaa824

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHC02ltAUACe:b/pYayGig5HC02gbCe

Score
10/10
discovery

Malware Config

Targets

    • Target

      2024-04-15_8c27b54c42a9973e86315a04d4efd337_cryptolocker

    • Size

      36KB

    • MD5

      8c27b54c42a9973e86315a04d4efd337

    • SHA1

      351114bb7538a8196c10fb911f71f26cf3887667

    • SHA256

      bea795bea1e9d040fe321e4363254fab1a2688b8eb61d037098762345e784fee

    • SHA512

      6b5e599e66793b4ecdc0a59bea7f97bf22ad2959af4fc8cb0817428a21c6b19aff3465cb08418f83283d347d152433baf89215f37e9b1465c4e89f381bfaa824

    • SSDEEP

      768:b/yC4GyNM01GuQMNXw2PSjHC02ltAUACe:b/pYayGig5HC02gbCe

    Score
    9/10
    discovery

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks