Overview

overview

10

Static

static

10

2024-05-23...er.exe

windows7-x64

9

2024-05-23...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-23_aef05547629d8939ab63e36bb5448b95_cryptolocker

  • Size

    32KB

  • Sample

    240523-wxswssbe9s

  • MD5

    aef05547629d8939ab63e36bb5448b95

  • SHA1

    80a098926127c3e2f38e015e572dc18127bbe395

  • SHA256

    71a6af38b2abe51bc25645d8bb64bb7ffda6190b5f8f372a6d4f3020ab47e6d7

  • SHA512

    697da97facb35b70199e3755195d2be9f6c59681581219662d9d635b9c134b64f06e6c83bdb228e14fac7bc431548c00ed82efb9e19e6e8b37a15ca89043a660

  • SSDEEP

    384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGOKei:bG74zYcgT/Ekd0ryfjUei

Score
10/10

Malware Config

Targets

    • Target

      2024-05-23_aef05547629d8939ab63e36bb5448b95_cryptolocker

    • Size

      32KB

    • MD5

      aef05547629d8939ab63e36bb5448b95

    • SHA1

      80a098926127c3e2f38e015e572dc18127bbe395

    • SHA256

      71a6af38b2abe51bc25645d8bb64bb7ffda6190b5f8f372a6d4f3020ab47e6d7

    • SHA512

      697da97facb35b70199e3755195d2be9f6c59681581219662d9d635b9c134b64f06e6c83bdb228e14fac7bc431548c00ed82efb9e19e6e8b37a15ca89043a660

    • SSDEEP

      384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGOKei:bG74zYcgT/Ekd0ryfjUei

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks