27db1adedb259708b37f30499d9f9b0daf2702d6a9f64f8e04c15d8b4e1dc3cf | Triage

Submit
Reports

Overview

overview

Static

static

2024-04-20...er.exe

windows7-x64

9

2024-04-20...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-20_fee6d2d24343cf827f5f1e5d298c4073_cryptolocker
Size

35KB
Sample

240420-fkp2daha83
MD5

fee6d2d24343cf827f5f1e5d298c4073
SHA1

0aaaf918fcaee22bcb9ec04ee19ae1eb8258d0ed
SHA256

27db1adedb259708b37f30499d9f9b0daf2702d6a9f64f8e04c15d8b4e1dc3cf
SHA512

568abc911eb52e598314e0085483705394f8a8676257d1fdc41cdbd7702bd28d2e42a02d976046e95984c3994ad193918b8a70b0404d0c2f69b07df5566b1bb2
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6A0X/EIjxur:b/yC4GyNM01GuQMNXw2PSjH+PPxi

Score

10^/10

discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-04-20_fee6d2d24343cf827f5f1e5d298c4073_cryptolocker.exe

Resource

win7-20240220-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-20_fee6d2d24343cf827f5f1e5d298c4073_cryptolocker.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-20_fee6d2d24343cf827f5f1e5d298c4073_cryptolocker
- Size
  
  35KB
- MD5
  
  fee6d2d24343cf827f5f1e5d298c4073
- SHA1
  
  0aaaf918fcaee22bcb9ec04ee19ae1eb8258d0ed
- SHA256
  
  27db1adedb259708b37f30499d9f9b0daf2702d6a9f64f8e04c15d8b4e1dc3cf
- SHA512
  
  568abc911eb52e598314e0085483705394f8a8676257d1fdc41cdbd7702bd28d2e42a02d976046e95984c3994ad193918b8a70b0404d0c2f69b07df5566b1bb2
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6A0X/EIjxur:b/yC4GyNM01GuQMNXw2PSjH+PPxi
Score

9^/10

discovery
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy