Overview

overview

10

Static

static

10

2024-05-22...er.exe

windows7-x64

9

2024-05-22...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-22_5201163219dbaf4cafe1af292a4baffb_cryptolocker

  • Size

    33KB

  • Sample

    240522-c1rncshe67

  • MD5

    5201163219dbaf4cafe1af292a4baffb

  • SHA1

    4d94ef674860062731a01f042cd1b61df61af2b1

  • SHA256

    33cd48b797a51192ac5578b67e534e6ca5effac76c685bc8d50082007eb2c920

  • SHA512

    7bf5bb6f53db10bc2696551eea9490c3070d603af86c6c858936d6d7a5c3417e4b2924dbad373f3c0e32e607d56e0995ca7e9ca269fc149b1b3a21f4b181d377

  • SSDEEP

    384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGLZ92:bG74zYcgT/Ekd0ryfjgj2

Score
10/10

Malware Config

Targets

    • Target

      2024-05-22_5201163219dbaf4cafe1af292a4baffb_cryptolocker

    • Size

      33KB

    • MD5

      5201163219dbaf4cafe1af292a4baffb

    • SHA1

      4d94ef674860062731a01f042cd1b61df61af2b1

    • SHA256

      33cd48b797a51192ac5578b67e534e6ca5effac76c685bc8d50082007eb2c920

    • SHA512

      7bf5bb6f53db10bc2696551eea9490c3070d603af86c6c858936d6d7a5c3417e4b2924dbad373f3c0e32e607d56e0995ca7e9ca269fc149b1b3a21f4b181d377

    • SSDEEP

      384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGLZ92:bG74zYcgT/Ekd0ryfjgj2

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks