Overview

overview

10

Static

static

10

2024-04-16...er.exe

windows7-x64

9

2024-04-16...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-16_dbc8e1544f25efe02086c0dcdde6a310_cryptolocker

  • Size

    4.5MB

  • Sample

    240416-hjxqyade3z

  • MD5

    dbc8e1544f25efe02086c0dcdde6a310

  • SHA1

    2b065923db3f628d416d7eb852ad62f02a0aa0ae

  • SHA256

    dbb015a7989a8841c487c5c68a62edbea08988ea7551b139c5b8bc4ab097f1ed

  • SHA512

    aa7e7c987fc41bb4e0a92274be90a30f4226745f82b3f9ca2c7d9ac8ab5b7d4a038b0dd6d290bc71b375807be26f834bb40eae118b831ad4f78033b3b6f16fa3

  • SSDEEP

    98304:g/ZFIjBzldUfs/ZFIjBz7jSZD1tU7ymTo:g/ZFIjBzF/ZFIjBzPEUuso

Score
10/10

Malware Config

Targets

    • Target

      2024-04-16_dbc8e1544f25efe02086c0dcdde6a310_cryptolocker

    • Size

      4.5MB

    • MD5

      dbc8e1544f25efe02086c0dcdde6a310

    • SHA1

      2b065923db3f628d416d7eb852ad62f02a0aa0ae

    • SHA256

      dbb015a7989a8841c487c5c68a62edbea08988ea7551b139c5b8bc4ab097f1ed

    • SHA512

      aa7e7c987fc41bb4e0a92274be90a30f4226745f82b3f9ca2c7d9ac8ab5b7d4a038b0dd6d290bc71b375807be26f834bb40eae118b831ad4f78033b3b6f16fa3

    • SSDEEP

      98304:g/ZFIjBzldUfs/ZFIjBz7jSZD1tU7ymTo:g/ZFIjBzF/ZFIjBzPEUuso

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks