General

  • Target

    2024-06-11_c42adcad77ffcebc7c00725a75faf871_cryptolocker

  • Size

    52KB

  • Sample

    240611-c4q61a1dlc

  • MD5

    c42adcad77ffcebc7c00725a75faf871

  • SHA1

    e48e428b3f00eb39e07434629693e7f3bbb2632f

  • SHA256

    4605a392237395b85f11de7593445236946fd18a2f6252a9e7cde2e26255fc35

  • SHA512

    554b6c4f5fa66d0db88f224358f606c99d99f504b5e55629e1fa0422cee4bed9f8e772c1679ee0731d6c6fe1cd1371c87feceb42f5b5bda841fa36353ae32798

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRY+iyys:6j+1NMOtEvwDpjr8hhXy+iyys

Score
10/10

Malware Config

Targets

    • Target

      2024-06-11_c42adcad77ffcebc7c00725a75faf871_cryptolocker

    • Size

      52KB

    • MD5

      c42adcad77ffcebc7c00725a75faf871

    • SHA1

      e48e428b3f00eb39e07434629693e7f3bbb2632f

    • SHA256

      4605a392237395b85f11de7593445236946fd18a2f6252a9e7cde2e26255fc35

    • SHA512

      554b6c4f5fa66d0db88f224358f606c99d99f504b5e55629e1fa0422cee4bed9f8e772c1679ee0731d6c6fe1cd1371c87feceb42f5b5bda841fa36353ae32798

    • SSDEEP

      768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRY+iyys:6j+1NMOtEvwDpjr8hhXy+iyys

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks