General

  • Target

    2024-06-10_a9a6568e472b581bb48147e2b462d726_cryptolocker

  • Size

    89KB

  • Sample

    240610-gwzkmada3x

  • MD5

    a9a6568e472b581bb48147e2b462d726

  • SHA1

    031b29786b06694ea9494fe59d5bafe1d3b77828

  • SHA256

    b65ed3bfb98a25c53b5f0edaa43c9eed5a64b1eaa6bfd1712536fe3efb4f778a

  • SHA512

    1f79c0bfc76182161ee50123d9d8802cc64c1660f766617beac79d83188c98330f828b96984404c44b78a4212f9fce06b1470f743599afb9afb31c1d7ce999e2

  • SSDEEP

    1536:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8BRAE:okFDOtEvwDpjP2

Score
10/10

Malware Config

Targets

    • Target

      2024-06-10_a9a6568e472b581bb48147e2b462d726_cryptolocker

    • Size

      89KB

    • MD5

      a9a6568e472b581bb48147e2b462d726

    • SHA1

      031b29786b06694ea9494fe59d5bafe1d3b77828

    • SHA256

      b65ed3bfb98a25c53b5f0edaa43c9eed5a64b1eaa6bfd1712536fe3efb4f778a

    • SHA512

      1f79c0bfc76182161ee50123d9d8802cc64c1660f766617beac79d83188c98330f828b96984404c44b78a4212f9fce06b1470f743599afb9afb31c1d7ce999e2

    • SSDEEP

      1536:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8BRAE:okFDOtEvwDpjP2

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks