Overview

overview

10

Static

static

10

2024-04-19...er.exe

windows7-x64

9

2024-04-19...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-04-19_4cbfd94f68da6ac7c757ae2eaf865cfa_cryptolocker

  • Size

    48KB

  • Sample

    240419-lfq1rsef3z

  • MD5

    4cbfd94f68da6ac7c757ae2eaf865cfa

  • SHA1

    d8a15f41ea6c74deda8a300f5357f62d80ee72b3

  • SHA256

    d2eb41d3ff3aed48ca60a21deaf9fc1f791cc0ef38c15dcc06ed70346e588c0d

  • SHA512

    9d1980aaab4c7f1a048f3bbd02dc18b201e638f4f0a71029008ea7164986848402ff416dc2f71bf776d64a202891643cf087a7f635fedca108af765454a17911

  • SSDEEP

    768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaN4NOd:xj+VGMOtEvwDpjy+TN4O

Score
10/10

Malware Config

Targets

    • Target

      2024-04-19_4cbfd94f68da6ac7c757ae2eaf865cfa_cryptolocker

    • Size

      48KB

    • MD5

      4cbfd94f68da6ac7c757ae2eaf865cfa

    • SHA1

      d8a15f41ea6c74deda8a300f5357f62d80ee72b3

    • SHA256

      d2eb41d3ff3aed48ca60a21deaf9fc1f791cc0ef38c15dcc06ed70346e588c0d

    • SHA512

      9d1980aaab4c7f1a048f3bbd02dc18b201e638f4f0a71029008ea7164986848402ff416dc2f71bf776d64a202891643cf087a7f635fedca108af765454a17911

    • SSDEEP

      768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaN4NOd:xj+VGMOtEvwDpjy+TN4O

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks