d3c652583b7f0a4e136cc475becb63b8528ece22321e244c98c4c964b55d18ed | Triage

Submit
Reports

Overview

overview

Static

static

2024-05-21...er.exe

windows7-x64

9

2024-05-21...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-05-21_4b6023a654d5da518ec183491ddeeea6_cryptolocker
Size

37KB
Sample

240521-s1jkraae69
MD5

4b6023a654d5da518ec183491ddeeea6
SHA1

d59fe839c73598fdf0c01bc9bf8803605826d764
SHA256

d3c652583b7f0a4e136cc475becb63b8528ece22321e244c98c4c964b55d18ed
SHA512

8d53d681dc165e3a24acb1c9bb8c017b1bd63559de50c4e2d4c3898fe4a4548e348acc39fd5b984ba250674197a30baf3278fecbd9c09645b842b941a7ccd1f1
SSDEEP

768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4qG:fT+hsMQMOtEvwDpjoIH9

Score

10^/10

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-05-21_4b6023a654d5da518ec183491ddeeea6_cryptolocker.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-21_4b6023a654d5da518ec183491ddeeea6_cryptolocker.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-21_4b6023a654d5da518ec183491ddeeea6_cryptolocker
- Size
  
  37KB
- MD5
  
  4b6023a654d5da518ec183491ddeeea6
- SHA1
  
  d59fe839c73598fdf0c01bc9bf8803605826d764
- SHA256
  
  d3c652583b7f0a4e136cc475becb63b8528ece22321e244c98c4c964b55d18ed
- SHA512
  
  8d53d681dc165e3a24acb1c9bb8c017b1bd63559de50c4e2d4c3898fe4a4548e348acc39fd5b984ba250674197a30baf3278fecbd9c09645b842b941a7ccd1f1
- SSDEEP
  
  768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4qG:fT+hsMQMOtEvwDpjoIH9
Score

9^/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy