General

  • Target

    2024-04-30_f302807b977c278a748dad21a665f535_cryptolocker

  • Size

    55KB

  • Sample

    240430-djlw8abc9w

  • MD5

    f302807b977c278a748dad21a665f535

  • SHA1

    765bacef7b3e38c2c4dbdefde07815e721061d64

  • SHA256

    cc9f4a20a690327c3b485148fdf80a5b20a2206ae4970d8652aa68aa0d581089

  • SHA512

    5e3dd88c950b1e2c560567f04682db999fe9c9c52acf2e05638cdcf29971034046e6335730fd4fefcaecd977e496c90f2086bdebcfe36cfe8bbe6bc73bb989f0

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/elM:6j+1NMOtEvwDpjr8oxExelM

Score
10/10

Malware Config

Targets

    • Target

      2024-04-30_f302807b977c278a748dad21a665f535_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
