General

  • Target

    2024-06-09_30cdb8c0f05d16b465c7b604d7e68423_cryptolocker

  • Size

    44KB

  • Sample

    240609-h8xr8sfe5v

  • MD5

    30cdb8c0f05d16b465c7b604d7e68423

  • SHA1

    a3741bf1c9d52113ed7adafc17a38ac11c41c722

  • SHA256

    1738442e5659e30279ff4fe8729bb4815aee7090da5bbc3fd721476c7005595b

  • SHA512

    9a3ead152e3cc989a9142dbd7c501a6ebc275d51dd201365845741d404392e0dea4d9a3377390fd8385c0cb4aa26c850c559b76f22006d6a70a4501b64a953b6

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAdz:b/pYayGig5HjS3NPAdz

Score
10/10

Targets

    • Target

      2024-06-09_30cdb8c0f05d16b465c7b604d7e68423_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
