Overview

overview

10

Static

static

10

2024-05-23...er.exe

windows7-x64

9

2024-05-23...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-23_2e0ce2a84c6fd15483c7295a8e0fe413_cryptolocker

  • Size

    37KB

  • Sample

    240523-br2xasgd4y

  • MD5

    2e0ce2a84c6fd15483c7295a8e0fe413

  • SHA1

    cd706c558306dd49296901de471b8c5bb5f2f33b

  • SHA256

    7d2c4ebafd3c3d7029f0c8e6a18553753705d345d1227f5bbc8b3033989869b9

  • SHA512

    776b77de9f0d006e20fc929ea37851cc0cba6b484dbef57d5e1856024d42d9176009984bf7940bdcc5b6ebaed16660721ea84e9dd81cd34efdd71eef08011093

  • SSDEEP

    768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIr:bAvJCF+RQgJeab4sbW

Score
10/10

Malware Config

Targets

    • Target

      2024-05-23_2e0ce2a84c6fd15483c7295a8e0fe413_cryptolocker

    • Size

      37KB

    • MD5

      2e0ce2a84c6fd15483c7295a8e0fe413

    • SHA1

      cd706c558306dd49296901de471b8c5bb5f2f33b

    • SHA256

      7d2c4ebafd3c3d7029f0c8e6a18553753705d345d1227f5bbc8b3033989869b9

    • SHA512

      776b77de9f0d006e20fc929ea37851cc0cba6b484dbef57d5e1856024d42d9176009984bf7940bdcc5b6ebaed16660721ea84e9dd81cd34efdd71eef08011093

    • SSDEEP

      768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIr:bAvJCF+RQgJeab4sbW

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks