General

  • Target

    2024-05-27_9b360da9108e3051d524b22dcdb30995_cryptolocker

  • Size

    48KB

  • Sample

    240527-w9bhaaef76

  • MD5

    9b360da9108e3051d524b22dcdb30995

  • SHA1

    34438d6632e63dafb81c661928128753ab8ad483

  • SHA256

    e568d58a87491e969d954687380f298583d8b8a2c5e9d91ba03aa47e939da736

  • SHA512

    40bd381784158041af5a60635c33921db14faa3328981e5f347e28538c563a11e2469d003fa903972e3912e7d06feafafb34739425e48e1bc002b10a7f61bb28

  • SSDEEP

    768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaRhAVs:xj+VGMOtEvwDpjy+TRhus

Score
10/10

Targets

    • Target

      2024-05-27_9b360da9108e3051d524b22dcdb30995_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
