cc6f942cac11c2d1d66808800be9381ee0d302f1951a4117b969d7bea40c1111 | Triage

Submit
Reports

Overview

overview

Static

static

2024-04-25...er.exe

windows7-x64

9

2024-04-25...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-04-25_7f5fe52befb8a9c568c8ccd4ba07e719_cryptolocker
Size

42KB
Sample

240425-c77yxsdh58
MD5

7f5fe52befb8a9c568c8ccd4ba07e719
SHA1

e0757e3384f73a47862c7bbc58a73ab4d34f15c1
SHA256

cc6f942cac11c2d1d66808800be9381ee0d302f1951a4117b969d7bea40c1111
SHA512

c0b662ff91208141b6ec9eec0d1392b1ae6d5d0e24927c79eb3daf73c56e579b6ea12d370df7dcee34e506430cba6b4ea13b6d9d345ca5e196c541dce372de1b
SSDEEP

768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PA9DUL:b/pYayGig5HjS3NPA9DY

Score

10^/10

discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-04-25_7f5fe52befb8a9c568c8ccd4ba07e719_cryptolocker.exe

Resource

win7-20240220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-25_7f5fe52befb8a9c568c8ccd4ba07e719_cryptolocker.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-25_7f5fe52befb8a9c568c8ccd4ba07e719_cryptolocker
- Size
  
  42KB
- MD5
  
  7f5fe52befb8a9c568c8ccd4ba07e719
- SHA1
  
  e0757e3384f73a47862c7bbc58a73ab4d34f15c1
- SHA256
  
  cc6f942cac11c2d1d66808800be9381ee0d302f1951a4117b969d7bea40c1111
- SHA512
  
  c0b662ff91208141b6ec9eec0d1392b1ae6d5d0e24927c79eb3daf73c56e579b6ea12d370df7dcee34e506430cba6b4ea13b6d9d345ca5e196c541dce372de1b
- SSDEEP
  
  768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PA9DUL:b/pYayGig5HjS3NPA9DY
Score

9^/10

discovery
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy