Overview

overview

10

Static

static

10

2024-04-28...er.exe

windows7-x64

9

2024-04-28...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-28_6772a843ade3f92989fa122853f0a32b_cryptolocker

  • Size

    62KB

  • Sample

    240428-ryz92sac2y

  • MD5

    6772a843ade3f92989fa122853f0a32b

  • SHA1

    3c3b8583b9be37a0ef9b8ee874d87eef05f7f503

  • SHA256

    7581fe6ea235bc0695a259742d04bb85a2c1083a6d71af377e267be082b7e042

  • SHA512

    a6ede372139d2b780b42762de9e968a213ee9e38cf0480d0be87f3d8dd33e65d59bf264a5f17a15904d404d31137d136a0c60dfda1be79372b55516d79b85e5d

  • SSDEEP

    1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsit:BbdDmjr+OtEvwDpjM8U

Score
10/10

Malware Config

Targets

    • Target

      2024-04-28_6772a843ade3f92989fa122853f0a32b_cryptolocker

    • Size

      62KB

    • MD5

      6772a843ade3f92989fa122853f0a32b

    • SHA1

      3c3b8583b9be37a0ef9b8ee874d87eef05f7f503

    • SHA256

      7581fe6ea235bc0695a259742d04bb85a2c1083a6d71af377e267be082b7e042

    • SHA512

      a6ede372139d2b780b42762de9e968a213ee9e38cf0480d0be87f3d8dd33e65d59bf264a5f17a15904d404d31137d136a0c60dfda1be79372b55516d79b85e5d

    • SSDEEP

      1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsit:BbdDmjr+OtEvwDpjM8U

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks