General

  • Target

    2024-05-10_28e4ae5c40e54c2fd2ba13d2be0b0a57_cryptolocker

  • Size

    68KB

  • Sample

    240510-nkr5qsfa69

  • MD5

    28e4ae5c40e54c2fd2ba13d2be0b0a57

  • SHA1

    8982306d7c3f2d933f44552f928f02e324bf9a11

  • SHA256

    0268f0c010f4eea534de51ed7463b9a837a3654a2e977f053f8f6c95989d05ed

  • SHA512

    71966d9cc7a116f4a8e9297a18f83c05653cbe0cdc903a484e943ba9cddda7008725ab6d16ec014db54a216c21eaf2e9a3b7c357518a468e3ef0e113f8aa9e9a

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpE0P/xFW+:6j+1NMOtEvwDpjr8ox8UDEpN/jW+

Score
10/10

Targets

    • Target

      2024-05-10_28e4ae5c40e54c2fd2ba13d2be0b0a57_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
