Overview

overview

10

Static

static

10

2024-04-26...er.exe

windows7-x64

9

2024-04-26...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-26_9403978a65b827891875b92a27799dae_cryptolocker

  • Size

    64KB

  • Sample

    240426-3fcxksfb5x

  • MD5

    9403978a65b827891875b92a27799dae

  • SHA1

    29e3581eabab1d6b1853908e3929f7b28fb0388e

  • SHA256

    03856dfee18e21f99f438c581d2da0cdcb813646b896cba091360c74511ee141

  • SHA512

    5b4d6a77c78a3f1915c2d895074c837b948be34b88d51fba122b676ef083309e8c83e755e2d0680a0f0d27d2e83d3aa83f46017800081e7cbc83484cb667fe6a

  • SSDEEP

    1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszsbKY1x/9lfL+gniDScGH:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7O

Score
10/10

Malware Config

Targets

    • Target

      2024-04-26_9403978a65b827891875b92a27799dae_cryptolocker

    • Size

      64KB

    • MD5

      9403978a65b827891875b92a27799dae

    • SHA1

      29e3581eabab1d6b1853908e3929f7b28fb0388e

    • SHA256

      03856dfee18e21f99f438c581d2da0cdcb813646b896cba091360c74511ee141

    • SHA512

      5b4d6a77c78a3f1915c2d895074c837b948be34b88d51fba122b676ef083309e8c83e755e2d0680a0f0d27d2e83d3aa83f46017800081e7cbc83484cb667fe6a

    • SSDEEP

      1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszsbKY1x/9lfL+gniDScGH:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7O

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks