Overview

overview

10

Static

static

10

2024-04-24...er.exe

windows7-x64

9

2024-04-24...er.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-04-24_85bcf63da92c70e63c25796fd3ddc885_cryptolocker

  • Size

    68KB

  • Sample

    240424-wbhhyaeb73

  • MD5

    85bcf63da92c70e63c25796fd3ddc885

  • SHA1

    4fc8558152e6ed1a5001082710e6e2139afe5b23

  • SHA256

    fbd5245139b22543674702e229c2836533a41c396d436e96f197f700815272b0

  • SHA512

    93792e0490595dc2fed158ff29e80aa5c9681cf5e59280f833c63a5be0b1d42ce20cd0691201e91bc1ed46ba1062c5a708cfdfe810531cd651464693cb2ff8c2

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpE0P/xFWT:6j+1NMOtEvwDpjr8ox8UDEpN/jWT

Score
10/10

Malware Config

Targets

    • Target

      2024-04-24_85bcf63da92c70e63c25796fd3ddc885_cryptolocker

    • Size

      68KB

    • MD5

      85bcf63da92c70e63c25796fd3ddc885

    • SHA1

      4fc8558152e6ed1a5001082710e6e2139afe5b23

    • SHA256

      fbd5245139b22543674702e229c2836533a41c396d436e96f197f700815272b0

    • SHA512

      93792e0490595dc2fed158ff29e80aa5c9681cf5e59280f833c63a5be0b1d42ce20cd0691201e91bc1ed46ba1062c5a708cfdfe810531cd651464693cb2ff8c2

    • SSDEEP

      768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpE0P/xFWT:6j+1NMOtEvwDpjr8ox8UDEpN/jWT

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks