General

  • Target

    2024-06-15_a3b1d238e0383f4da928b7a93a9d78c3_cryptolocker

  • Size

    43KB

  • Sample

    240615-wlvk9atclq

  • MD5

    a3b1d238e0383f4da928b7a93a9d78c3

  • SHA1

    578ab072666a44072db845c88bb728e95ccab14a

  • SHA256

    0b2c82dae7299ed06f7330e90040b33d8dde922c989adfa82bdd28e2723e408b

  • SHA512

    ea22b5fcab3fc90c55281d9c99abbdb916423b2866fe0852b7f7b286c8fd7471ce50fcf58842a5b636d3249c84254d84801f5b571f8fbe0866f0e543fadd0834

  • SSDEEP

    768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnY1n9Y:m5nkFNMOtEvwDpjG8hgpY19Y

Score
10/10

Targets

    • Target

      2024-06-15_a3b1d238e0383f4da928b7a93a9d78c3_cryptolocker

    • Size

      43KB

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
