Overview

overview

10

Static

static

10

2024-05-22...er.exe

windows7-x64

9

2024-05-22...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-22_db99634f581c422483cb54cb9a574e0c_cryptolocker

  • Size

    45KB

  • Sample

    240522-dcejkaaa39

  • MD5

    db99634f581c422483cb54cb9a574e0c

  • SHA1

    f877958b1a1d81306db2a68135f605043ee6175d

  • SHA256

    b1d6cc703e9d3a36ea9b51b6566ffb98f77ee5a0dbd68614d9f10a13900e3d4d

  • SHA512

    2a8c19034eb984d72de702fe3d5b4aceef5fae1f5d1c0bf6d1f789d527aab3d5b5ce41467d9654e16ad1db7cdcaa5c3cfe02523fa4e25b6b6037bb99fc3e897d

  • SSDEEP

    768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGpebVIYLHA3Kx2:o1KhxqwtdgI2MyzNORQtOflIwoHNV2Xb

Score
10/10

Malware Config

Targets

    • Target

      2024-05-22_db99634f581c422483cb54cb9a574e0c_cryptolocker

    • Size

      45KB

    • MD5

      db99634f581c422483cb54cb9a574e0c

    • SHA1

      f877958b1a1d81306db2a68135f605043ee6175d

    • SHA256

      b1d6cc703e9d3a36ea9b51b6566ffb98f77ee5a0dbd68614d9f10a13900e3d4d

    • SHA512

      2a8c19034eb984d72de702fe3d5b4aceef5fae1f5d1c0bf6d1f789d527aab3d5b5ce41467d9654e16ad1db7cdcaa5c3cfe02523fa4e25b6b6037bb99fc3e897d

    • SSDEEP

      768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGpebVIYLHA3Kx2:o1KhxqwtdgI2MyzNORQtOflIwoHNV2Xb

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks