General

  • Target

    2024-05-22_3f79ad4d2a877316b1223810201d1b78_cryptolocker

  • Size

    31KB

  • Sample

    240522-1ek6fshe8z

  • MD5

    3f79ad4d2a877316b1223810201d1b78

  • SHA1

    b90051df105311a6172956092e6a2be85b9dccf9

  • SHA256

    70d98b113fd21d60b446859383d754a8ba9b94a89c9a5b59bf8724a2cce66137

  • SHA512

    5b413c976f1efed40142e7799f80038fa2fc60d1fb3cab8ff31d1baaf7f8ec98eede7bcdcdce65ad3a9a9708d5f821421d8e20e5276f11762c6da638c42ecab4

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zznum+U8Ss87vhN:b/yC4GyNM01GuQMNXum+NSnN

Score
10/10

Targets

    • Target

      2024-05-22_3f79ad4d2a877316b1223810201d1b78_cryptolocker

    • Size

      31KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
