General

  • Target

    2024-05-23_85c18dc9159d669bb3c1443a83efd37b_cryptolocker

  • Size

    68KB

  • Sample

    240523-bveaeagg53

  • MD5

    85c18dc9159d669bb3c1443a83efd37b

  • SHA1

    e13495a7c5292df54a5d2dbd781ac7cfa1d58ff8

  • SHA256

    c17c7ba43557b380efafa61a4689db09da342187497e20b1c9540597c0aedc76

  • SHA512

    44cd658832af657b89c5d511d5bf57f7074ab9663a276cd4bbcc81a7156185e6fd94484792f66d24d17a931e205052e1ce39fae1190af346ef9690bdcc5ba074

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpE0P/xFIb:6j+1NMOtEvwDpjr8ox8UDEpN/jy

Score
10/10

Malware Config

Targets

    • Target

      2024-05-23_85c18dc9159d669bb3c1443a83efd37b_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks