General

  • Target

    2024-05-23_8ae7edf8d89d545fe64a65e57955a2d4_cryptolocker

  • Size

    46KB

  • Sample

    240523-c2a21aba29

  • MD5

    8ae7edf8d89d545fe64a65e57955a2d4

  • SHA1

    a255fc6a7e93b664334f139138c539658e2e0ee8

  • SHA256

    dea14290a5b9c6d14c49203b0de280455913e89f7c5548a2fba9892bffddb1ef

  • SHA512

    b50d559e3a89a3882df87fbd0b05bf86825725261ce3906a94eb62588fd637563e0a29a2cdafd2423b85deea27965e45f252c9ca95ae9bb2b577fb5affb16427

  • SSDEEP

    768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLam5aFr7YOzzfm0EXsJ0:V6QFElP6n+gMQMOtEvwDpjyaYaFAh3h

Score
10/10

Malware Config

Targets

    • Target

      2024-05-23_8ae7edf8d89d545fe64a65e57955a2d4_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks