General

  • Target

    2024-05-21_680a1899fcdb1b213301ea168537b8c4_cryptolocker

  • Size

    42KB

  • Sample

    240521-s4hsmaag6x

  • MD5

    680a1899fcdb1b213301ea168537b8c4

  • SHA1

    d58c855ca2c0e6e79c5101b0bbf1bbb086562a8c

  • SHA256

    9e15daaae9d1125f8520378f838dfd6c953be99c2120a681ac1109cc20e4ba4d

  • SHA512

    6d856c767125f51a14376ef2a1fcaefb9e9e5c7e1c212f262a337c11e0313e2d454f91d31381f59f63087a77f9d7f76781eefa4458ca758e70ef0b687f4761af

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYsZE:i5nkFGMOtEvwDpjR+viHs2

Score
10/10

Malware Config

Targets

    • Target

      2024-05-21_680a1899fcdb1b213301ea168537b8c4_cryptolocker

    • Size

      42KB

    • MD5

      680a1899fcdb1b213301ea168537b8c4

    • SHA1

      d58c855ca2c0e6e79c5101b0bbf1bbb086562a8c

    • SHA256

      9e15daaae9d1125f8520378f838dfd6c953be99c2120a681ac1109cc20e4ba4d

    • SHA512

      6d856c767125f51a14376ef2a1fcaefb9e9e5c7e1c212f262a337c11e0313e2d454f91d31381f59f63087a77f9d7f76781eefa4458ca758e70ef0b687f4761af

    • SSDEEP

      768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYsZE:i5nkFGMOtEvwDpjR+viHs2

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks