General

  • Target

    2024-05-21_1e0f353e517451ee1fa7cf9aa4a22235_cryptolocker

  • Size

    47KB

  • Sample

    240521-t111gabh51

  • MD5

    1e0f353e517451ee1fa7cf9aa4a22235

  • SHA1

    1c1b1f024914b1858121964e2b9db4e2324870d8

  • SHA256

    b283ebf98eead2515c7b9b5913afcc9d6ebb5876cc99b4200b2e0e6b1c083b9f

  • SHA512

    6736fda61981fb1f73a8976d17574f49b1e96a4c5255fb5c133d93805710a1070b5a0eecca95ff8c3cd94ce01fad3040bbfd383c0ab89c45ecc395b4bd140393

  • SSDEEP

    768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoAT:qmbhXDmjr5MOtEvwDpj5cDtKkQZQm

Score
10/10
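The digests above are the only reliable way to confirm that a file pulled from a feed or a share is the same object this report describes, so the script below (an added example, not part of the sandbox report) recomputes MD5, SHA1, SHA256 and SHA512 over a local file and compares each against the values listed in the General section. The file path `sample.bin` is a placeholder; the SSDEEP value is left out because it needs the ssdeep library rather than the standard library.

```python
"""Verify that a local file is the sample described in this report.

Added example, not the sandbox's own code. Hash constants are the values
printed in the report's General section; the default path is a placeholder.
"""
import hashlib
import sys
from pathlib import Path

# Indicators copied verbatim from the report (MD5 / SHA1 / SHA256 / SHA512).
REPORT_HASHES = {
    "md5": "1e0f353e517451ee1fa7cf9aa4a22235",
    "sha1": "1c1b1f024914b1858121964e2b9db4e2324870d8",
    "sha256": "b283ebf98eead2515c7b9b5913afcc9d6ebb5876cc99b4200b2e0e6b1c083b9f",
    "sha512": "6736fda61981fb1f73a8976d17574f49b1e96a4c5255fb5c133d93805710a1070b5a0eecca95ff8c3cd94ce01fad3040bbfd383c0ab89c45ecc395b4bd140393",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def compute_hashes(data: bytes) -> dict:
    """Return {algorithm: hex digest} for every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def verify_sample(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Compare computed digests with the expected ones.

    Returns {algorithm: (matched, computed_digest)} so a mismatch can be
    reported together with what was actually observed. Comparison is
    case-insensitive because reports print hex in either case.
    """
    actual = compute_hashes(data)
    return {
        algo: (actual[algo] == digest.lower(), actual[algo])
        for algo, digest in expected.items()
        if algo in actual
    }


def is_report_sample(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """True only when every listed digest matches; one bad digest fails it."""
    results = verify_sample(data, expected)
    return bool(results) and all(ok for ok, _ in results.values())


if __name__ == "__main__":
    # Placeholder path (assumption): pass the real file as the first argument.
    path = Path(sys.argv[1]) if len(sys.argv) > 1 else Path("sample.bin")
    blob = path.read_bytes()
    for algo, (ok, digest) in verify_sample(blob).items():
        print(f"{algo:6} {'OK ' if ok else 'BAD'} {digest}")
    sys.exit(0 if is_report_sample(blob) else 1)
```

A non-zero exit status on mismatch makes the check usable as a gate in a triage script; keep the full-length SHA256 in any ticket or detection rule, since MD5 and SHA1 collisions are practical and should not be the sole identifier.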

Malware Config

Targets

    • Target

      2024-05-21_1e0f353e517451ee1fa7cf9aa4a22235_cryptolocker

    • Size

      47KB

    • MD5

      1e0f353e517451ee1fa7cf9aa4a22235

    • SHA1

      1c1b1f024914b1858121964e2b9db4e2324870d8

    • SHA256

      b283ebf98eead2515c7b9b5913afcc9d6ebb5876cc99b4200b2e0e6b1c083b9f

    • SHA512

      6736fda61981fb1f73a8976d17574f49b1e96a4c5255fb5c133d93805710a1070b5a0eecca95ff8c3cd94ce01fad3040bbfd383c0ab89c45ecc395b4bd140393

    • SSDEEP

      768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoAT:qmbhXDmjr5MOtEvwDpj5cDtKkQZQm

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check that decides whether to run based on the victim's locale.

    • Executes dropped EXE

    • Loads dropped DLL
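The "Checks computer location settings" signature fires on registry reads of the keys Windows uses to store the user's country and locale. The script below is an added example, not the sandbox's own rule: it runs simple detection logic over a constructed, sandbox-style registry-access log and returns the lookups that match. The event format and the log lines are constructed, and the list of keys is an assumption about what a geofence check reads; the report does not say which key this sample queried.

```python
"""Flag country / locale lookups in registry-access events.

Added example, not part of the report and not the sandbox's signature.
Event format, sample log and key list are constructed or assumed.
"""
import re
from collections import defaultdict

# Registry locations Windows uses for the user's country (GeoID) and locale.
# Assumption: a geofence check reads one or more of these; the report does
# not state which key the sample actually touched.
GEO_KEY_PATTERNS = [
    re.compile(r"control panel\\international\\geo\\nation$", re.I),
    re.compile(r"control panel\\international\\locale$", re.I),
    re.compile(r"control panel\\international\\localename$", re.I),
    re.compile(
        r"system\\(currentcontrolset|controlset\d{3})\\control\\nls\\language\\(default|installlanguage)$",
        re.I,
    ),
]

# Constructed log in the shape "<pid> <operation> <hive\key\value>", one event per line.
SAMPLE_EVENTS = r"""
4120 RegQueryValue HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater
4120 RegQueryValue HKCU\Control Panel\International\Geo\Nation
4120 RegQueryValue HKLM\SYSTEM\CurrentControlSet\Control\Nls\Language\InstallLanguage
4120 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
4120 RegQueryValue HKCU\Control Panel\Desktop\Wallpaper
"""


def parse_events(text: str) -> list:
    """Split log lines into (pid, operation, path); key paths may contain spaces."""
    events = []
    for line in text.splitlines():
        parts = line.strip().split(" ", 2)
        if len(parts) == 3:
            events.append({"pid": parts[0], "op": parts[1], "path": parts[2]})
    return events


def is_geo_lookup(path: str) -> bool:
    """True when the registry path is one of the country/locale locations."""
    return any(p.search(path) for p in GEO_KEY_PATTERNS)


def find_geofence_lookups(text: str) -> list:
    """Return every event that reads a country/locale key, in log order."""
    return [e for e in parse_events(text) if is_geo_lookup(e["path"])]


def lookups_by_process(text: str) -> dict:
    """Group matching key paths by pid so the report can say which process geofences."""
    grouped = defaultdict(list)
    for e in find_geofence_lookups(text):
        grouped[e["pid"]].append(e["path"])
    return dict(grouped)


if __name__ == "__main__":
    for pid, paths in lookups_by_process(SAMPLE_EVENTS).items():
        print(f"pid {pid} checks computer location settings:")
        for p in paths:
            print(f"  {p}")
```

Matching only on the exact key tail keeps legitimate locale-aware software (which usually goes through the Win32 locale APIs rather than raw registry reads) from firing constantly; when tuning this for a real EDR feed, combine it with the other behaviours listed above, such as executing a dropped EXE, before alerting.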

MITRE ATT&CK Enterprise v15

Tasks