Overview

overview

10

Static

static

10

2024-04-25...er.exe

windows7-x64

9

2024-04-25...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-25_fb735b9d44cea9d4d002b9efe7ce3314_cryptolocker

  • Size

    42KB

  • Sample

    240425-djn2kseb73

  • MD5

    fb735b9d44cea9d4d002b9efe7ce3314

  • SHA1

    cbefa2179c711857ed74674261b3ca76d24f7223

  • SHA256

    a57a354594147a413f4dd08db9d43d4c6cef41b4f046cfefe8ec1b8b2bfdd198

  • SHA512

    374ab0556344978a3326efc3f022d1f8523d4a9b1fec2d99015bda1838a90e7b617755af8b22d4f7f3f6af0b32491f44e3b79cdb32cad97a0aef0ffd45acec84

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAO:b/pYayGig5HjS3NPAO

Score
10/10
discovery

Malware Config

Targets

    • Target

      2024-04-25_fb735b9d44cea9d4d002b9efe7ce3314_cryptolocker

    • Size

      42KB

    • MD5

      fb735b9d44cea9d4d002b9efe7ce3314

    • SHA1

      cbefa2179c711857ed74674261b3ca76d24f7223

    • SHA256

      a57a354594147a413f4dd08db9d43d4c6cef41b4f046cfefe8ec1b8b2bfdd198

    • SHA512

      374ab0556344978a3326efc3f022d1f8523d4a9b1fec2d99015bda1838a90e7b617755af8b22d4f7f3f6af0b32491f44e3b79cdb32cad97a0aef0ffd45acec84

    • SSDEEP

      768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAO:b/pYayGig5HjS3NPAO

    Score
    9/10
    discovery

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Network Service Discovery

1
T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks