General

  • Target

    2024-05-22_cb10201367bc9e8d2cbdf250f120faa2_cryptolocker

  • Size

    37KB

  • Sample

    240522-zlc8raga4x

  • MD5

    cb10201367bc9e8d2cbdf250f120faa2

  • SHA1

    005db97dd73331216ff9d698571c0d208af61179

  • SHA256

    18e106d2c47f85f4b220e712e909ab3eda05e302cc57e8bee749e7177c635bcc

  • SHA512

    f7a6e4a487de5207b3ee64cdc9b77b00c73174d768a6f13d4447ba632f7d303908bd3b93ced9f7db61dc2d7d2954b534de8af503d2113a5675f06e26279a540e

  • SSDEEP

    768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4h62:fT+hsMQMOtEvwDpjoIHh62

Score
10/10

Targets

    • Target

      2024-05-22_cb10201367bc9e8d2cbdf250f120faa2_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion

  • Subvert Trust Controls, T1553 (1)

  • Install Root Certificate, T1553.004 (1)

  • Modify Registry, T1112 (1)

Discovery

  • Query Registry, T1012 (1)

  • System Information Discovery, T1082 (2)
