General

  • Target

    2024-04-24_589050ff71796e627ad29a8978dc38dc_cryptolocker

  • Size

    42KB

  • Sample

    240424-a123zsdb92

  • MD5

    589050ff71796e627ad29a8978dc38dc

  • SHA1

    6fa33516e7d5572b1ba8c51aba14571896d8cdc4

  • SHA256

    1c981683977ddf7bc404944a5eb1d8fee61e0d648f7f90a085b2407e9583f3fe

  • SHA512

    744c5f68073c88c58637810a4e708e19e4e0dab1598a8f5f9a8a186defd864798c1c9dbdfc07d90128d8482c3be18280489be9b9806bfa89aa2bd98560d8bf5b

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAY:b/pYayGig5HjS3NPAY

Score
10/10

Malware Config

Targets

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

MITRE ATT&CK Enterprise v15

Tasks