Overview

overview

10

Static

static

10

2024-04-26...er.exe

windows7-x64

9

2024-04-26...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-26_8e0e9d07eba099623396f04ef4c9079b_cryptolocker

  • Size

    49KB

  • Sample

    240426-fkmk9aab55

  • MD5

    8e0e9d07eba099623396f04ef4c9079b

  • SHA1

    686331eb4ea4e47ed2a4ed2ec3eda4935876b6f9

  • SHA256

    c0a4467da2bdac647d35cb1b8de73d0b228f6619a190fb94c7f5754ff31b5e73

  • SHA512

    10233742bb7940ca7817ec4d22c6472beba0d64c7ea98f7fc2d9340ebd3bbbdf06ed90b05fa951781f0058b5cbd8721a920a1f9f89d41c8456cda62b50c65c71

  • SSDEEP

    768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldedHqz:xj+VGMOtEvwDpjk/eVqz

Score
10/10

Malware Config

Targets

    • Target

      2024-04-26_8e0e9d07eba099623396f04ef4c9079b_cryptolocker

    • Size

      49KB

    • MD5

      8e0e9d07eba099623396f04ef4c9079b

    • SHA1

      686331eb4ea4e47ed2a4ed2ec3eda4935876b6f9

    • SHA256

      c0a4467da2bdac647d35cb1b8de73d0b228f6619a190fb94c7f5754ff31b5e73

    • SHA512

      10233742bb7940ca7817ec4d22c6472beba0d64c7ea98f7fc2d9340ebd3bbbdf06ed90b05fa951781f0058b5cbd8721a920a1f9f89d41c8456cda62b50c65c71

    • SSDEEP

      768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldedHqz:xj+VGMOtEvwDpjk/eVqz

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks