General

  • Target

    2024-05-26_0abfcb46500bd375132077a7cc7ac9d6_cryptolocker

  • Size

    43KB

  • Sample

    240526-dxzp8sdg88

  • MD5

    0abfcb46500bd375132077a7cc7ac9d6

  • SHA1

    918d04121ce83b406a99c92c623c255cd1e6a01f

  • SHA256

    972697dbd6836d5c3d412151b44effac672fefaff4cb2cce412e19ba257e72d0

  • SHA512

    956ba6dcbeff50fdd59155904e06bfd7b58ee2e7fb511ed3242b66a33ad083a7e7b6fb8c0ffb74a67450c30b7cce699f61a0529b065f6c248ad5c8f2d08c1837

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAx:b/pYayGig5HjS3NPAx

Score
10/10

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
