General

  • Target

    2024-06-10_3c025f2116296084f855d78bb2d91314_cryptolocker

  • Size

    43KB

  • Sample

    240610-fcjvdsch56

  • MD5

    3c025f2116296084f855d78bb2d91314

  • SHA1

    2ea9dfe96755c28fd858806da8b005d2de463e62

  • SHA256

    566f78c31f854f579785261ca69cbd23af9ad7ed55b4073979f1c7f6a093a732

  • SHA512

    0730b99a1e1dc6ce2622d395bdb7f561dd9d03cce41cd588a15d5eaca2e38a8abb4376b4115fa80553032775fa0e45e5c9bb5775662d6da5ddb9b412adf94cd8

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aDDU3:6j+1NMOtEvwDpjrRh3

Score
10/10

Malware Config

Targets

    • Target

      2024-06-10_3c025f2116296084f855d78bb2d91314_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks