General

  • Target

    2024-05-30_245cf3d8a94614d24de108af46991af7_cryptolocker

  • Size

    57KB

  • Sample

    240530-bttcyaad77

  • MD5

    245cf3d8a94614d24de108af46991af7

  • SHA1

    58de39f035457b9497b1601982f6de6d564839a7

  • SHA256

    132c91020977413004729c9d47adf3c79fd59fe7b47a7258b24885151bcd4655

  • SHA512

    b22c4fe329a4f36648d93b27cde4362840bbce33851250e6be6a077a0b93275e3382c7d6c6b0133dac5fc6167d909037310f2f5de417200a5fe858ad82bf4f50

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e6eT:6j+1NMOtEvwDpjr8oxExe6g

Score
10/10

Targets

    • Target

      2024-05-30_245cf3d8a94614d24de108af46991af7_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
