General

  • Target

    2024-05-21_e876d7dda0a13c369e2cbf256453329b_cryptolocker

  • Size

    48KB

  • Sample

    240521-thz1fsbc9t

  • MD5

    e876d7dda0a13c369e2cbf256453329b

  • SHA1

    3cfd13b5b2736140d11073bbb24e0f4461d0cf0f

  • SHA256

    1ebd2d0ab3604a34190578551a008aa481fc9659868af22e7a7894894bdc9471

  • SHA512

    d3c8ba1cfd8c032dba6b4527df9830eaf8518d773e9f6e743a539146b4be998ccd56ede4d1e6ae924ab80d01e00f37005cd1b61e9bfb7d25b2e94ee505070ea7

  • SSDEEP

    768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoL5c:qmbhXDmjr5MOtEvwDpj5cDtKkQZQVe

Score
10/10

Malware Config

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry: T1012 (1)

  • System Information Discovery: T1082 (2)

Tasks