General

  • Target

    2024-04-28_e580036ffb0dc859eff1d96a597c2d82_cryptolocker

  • Size

    127KB

  • Sample

    240428-nklb7aef38

  • MD5

    e580036ffb0dc859eff1d96a597c2d82

  • SHA1

    0d21b508a0337cf0d7f8273fa222ef4fb905bde4

  • SHA256

    9d43e37bc95890448f1646bdce75ec8ac990c3900173946ba07968882ae139f3

  • SHA512

    d62e93842c6a28681f6bfd814bd2372bd3a61c41105ba3fbd5170318d50548649215a2266634cc67c7d6e47547becb5f09b6959b08bf63b7fb0801cc2b0d2222

  • SSDEEP

    1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuBKLUYOVbvh//LITr:vCjsIOtEvwDpj5H9YvQd2R+

Score
10/10

Targets

    • Target

      2024-04-28_e580036ffb0dc859eff1d96a597c2d82_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
