General

  • Target

    2024-06-06_97e32992119b6a30da830294cb6896e8_cryptolocker

  • Size

    58KB

  • Sample

    240606-1dp31scc5v

  • MD5

    97e32992119b6a30da830294cb6896e8

  • SHA1

    41709cbfd5c60069f69e808d03eeac15089622f5

  • SHA256

    ac53e542a6a6fa93f1761f217888703e1b011dd32f60a3dd32f60182fd4c2a17

  • SHA512

    d70445744be6307ec0d5f9bd33e04a85e0c5270490717a3ac18a13c999a6e4d59785d09a201f9d4d16bf6f00cc7f4f76391a3f0561e3aeefefb3b58bfd15eb33

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e4Z:6j+1NMOtEvwDpjr8oxExe4Z

Score
10/10

Targets

    • Target

      2024-06-06_97e32992119b6a30da830294cb6896e8_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
