Overview

overview

10

Static

static

10

5e902a1381...c9.exe

windows7-x64

10

5e902a1381...c9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5e902a138174c34e5445685c82b2044e0b35565854471aaccef0315c77288dc9.bin

  • Size

    208KB

  • Sample

    240621-cvvg3azepm

  • MD5

    12bc78e07cb69dd6ec32729240dbe537

  • SHA1

    7b7d9b115ec10074f7166ec3379fead6e816da59

  • SHA256

    5e902a138174c34e5445685c82b2044e0b35565854471aaccef0315c77288dc9

  • SHA512

    c974592671b081d0af48c1aab9f9f02243773a081d9fadf70e3caa7454dca657b45bece27852397e74f601df1abdf5db496c821a5df624057355fd15c807e15a

  • SSDEEP

    3072:GXbUMNAwQ2Jpo/AkQCUyevi8xRpz81NADJ2:ibUMKwQ2J4ReviSjeKN

Score
10/10
cryptolockerdefense_evasionexecutionimpactransomware

Malware Config

Targets

    • Target

      5e902a138174c34e5445685c82b2044e0b35565854471aaccef0315c77288dc9.bin

    • Size

      208KB

    • MD5

      12bc78e07cb69dd6ec32729240dbe537

    • SHA1

      7b7d9b115ec10074f7166ec3379fead6e816da59

    • SHA256

      5e902a138174c34e5445685c82b2044e0b35565854471aaccef0315c77288dc9

    • SHA512

      c974592671b081d0af48c1aab9f9f02243773a081d9fadf70e3caa7454dca657b45bece27852397e74f601df1abdf5db496c821a5df624057355fd15c807e15a

    • SSDEEP

      3072:GXbUMNAwQ2Jpo/AkQCUyevi8xRpz81NADJ2:ibUMKwQ2J4ReviSjeKN

    Score
    10/10
    cryptolockerdefense_evasionexecutionimpactransomware

    • CryptoLocker

      Ransomware family with multiple variants.

      ransomwarecryptolocker

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomwaredefense_evasionimpactexecution

    • Detects command variations typically used by ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks