General

  • Target

    2024-05-31_186f56534a62d7548e498b6d1e6af4f9_cryptolocker

  • Size

    42KB

  • Sample

    240531-sxv5dacf2v

  • MD5

    186f56534a62d7548e498b6d1e6af4f9

  • SHA1

    e2e6bb77c1624ab6eabe7e9aa07df9caa75ef5c8

  • SHA256

    9a64eba1c21100e404bebfd7b227f0dad7e5fedb28500be0f35f12f5c33171a8

  • SHA512

    d64c5984df7315db5aa5a24c23d658cf62ad696d2252368cc7b1745a848b6596c32f819a338005ae889d9cbb9f41ee56d9b608c7702ac8e21e8c70789a13d66b

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYshNhQ:i5nkFGMOtEvwDpjR+viHshNC

Score
10/10

Targets

    • Target

      2024-05-31_186f56534a62d7548e498b6d1e6af4f9_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
