General

  • Target

    2024-05-21_6d244256c1f21f31dfbc46cbaead4009_cryptolocker

  • Size

    52KB

  • Sample

    240521-s4269saf74

  • MD5

    6d244256c1f21f31dfbc46cbaead4009

  • SHA1

    40db79418561cc3e9c2d6bbdfa343c3e416b1873

  • SHA256

    96c3a62d00ed6d8b28b955658b1fa53d7ccf5fe3cf831aa74ed47dcf3deaa0eb

  • SHA512

    37a9071d2135d3555351003e961bd2f4b57478069d797ef15c5253f3545c48cfe90ed5994e4ad8b44859da8482c772044758cd1b3cf717807fb052f947184d52

  • SSDEEP

    768:79inqyNR/QtOOtEvwDpjBK/rJ+Nw8qn8pKIRszDr6aS:79mqyNhQMOtEvwDpjBxe8TpXRSDeaS

Score
10/10

Malware Config

Targets

    • Target

      2024-05-21_6d244256c1f21f31dfbc46cbaead4009_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks