General

  • Target

    2024-04-20_5ff1c57ec0c3d7cff5c6c18b248c15a1_cryptolocker

  • Size

    32KB

  • Sample

    240420-eagrksgc9v

  • MD5

    5ff1c57ec0c3d7cff5c6c18b248c15a1

  • SHA1

    deba142834d5d972afe4f52967d6028f980f229f

  • SHA256

    2e2a015237f4135a1ac2d56f18f71eedb5418c76c929a5bdfdd14ca9fd2c368c

  • SHA512

    a52fb0c51b765e7db17d0d95c23bfc9f892db209e3b9c09a16f47017b56d1f47fad5036027e85b9da0b98ee8eb40de398ee8931e14198de7d32206ea375e8563

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStEkcsP:b/yC4GyNM01GuQMNXw2PSjSKkck

Score
10/10

Targets

    • Target

      2024-04-20_5ff1c57ec0c3d7cff5c6c18b248c15a1_cryptolocker

    • Size

      32KB

    • MD5

      5ff1c57ec0c3d7cff5c6c18b248c15a1

    • SHA1

      deba142834d5d972afe4f52967d6028f980f229f

    • SHA256

      2e2a015237f4135a1ac2d56f18f71eedb5418c76c929a5bdfdd14ca9fd2c368c

    • SHA512

      a52fb0c51b765e7db17d0d95c23bfc9f892db209e3b9c09a16f47017b56d1f47fad5036027e85b9da0b98ee8eb40de398ee8931e14198de7d32206ea375e8563

    • SSDEEP

      384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStEkcsP:b/yC4GyNM01GuQMNXw2PSjSKkck

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
