General

  • Target

    2024-06-03_2b6fc4f9fee73fc776bf73f15870d759_cryptolocker

  • Size

    43KB

  • Sample

    240603-lgn8kaab5t

  • MD5

    2b6fc4f9fee73fc776bf73f15870d759

  • SHA1

    9a440575823eff599dc0b87073fd516090e3fb96

  • SHA256

    efcd573b447f8385271fe4cccb2c33600508997463dac5b63bf4e3faa4c52a9c

  • SHA512

    18b4c034e04c86777c1fc820810b767dceac36b51115302498b2bdd693fe9fde8a5078ca1d68aa8d4b7251c5ea71c1ffb4e539bcac32f2dd26a8a0ca074b9170

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAb:b/pYayGig5HjS3NPAb

Score
10/10

Malware Config

Targets

    • Target

      2024-06-03_2b6fc4f9fee73fc776bf73f15870d759_cryptolocker

    • Size

      43KB

    • MD5

      2b6fc4f9fee73fc776bf73f15870d759

    • SHA1

      9a440575823eff599dc0b87073fd516090e3fb96

    • SHA256

      efcd573b447f8385271fe4cccb2c33600508997463dac5b63bf4e3faa4c52a9c

    • SHA512

      18b4c034e04c86777c1fc820810b767dceac36b51115302498b2bdd693fe9fde8a5078ca1d68aa8d4b7251c5ea71c1ffb4e539bcac32f2dd26a8a0ca074b9170

    • SSDEEP

      768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAb:b/pYayGig5HjS3NPAb

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

MITRE ATT&CK Enterprise v15

Tasks