General

  • Target

    2024-06-01_5077b575954269238eb31dede829101a_cryptolocker

  • Size

    49KB

  • Sample

    240601-yqfn1add6y

  • MD5

    5077b575954269238eb31dede829101a

  • SHA1

    99b52a46c4ad4b1beb3a229c63b3c393b7129fb8

  • SHA256

    af2276b582cc6f3cca3559f666e1b10b4398ad51d819180dbde95803115a8c46

  • SHA512

    4572df91937cdce89fdc4ba0360bc62d23d6ed2e356252ad510957b843662f00109d8a3fe1536d94145ab8303c97f2535c1433af18aac7e39a4e504d97213078

  • SSDEEP

    768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9Rva/yYsm0i:xj+VGMOtEvwDpjy+viHs7i

Score
10/10

Targets

    • Target

      2024-06-01_5077b575954269238eb31dede829101a_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
