Overview

overview

10

Static

static

1

Ransomware.rar

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Ransomware.rar

  • Size

    2.0MB

  • Sample

    250325-1q75css1cs

  • MD5

    be9234c7da40177c8ac943cfa675a9ce

  • SHA1

    debe723432e936459324cd3a3dd36a79a69b6389

  • SHA256

    73ab84178a6cddd1589f0d9ba8634dbcbd3dec886ed280a836d302a023a9fc9f

  • SHA512

    76189183d32c041a7c23191ea74b8bc22fe94d04808e11b9943b111fb592325fda0784e8a2832d6dfc980e947b07a02ad8a3934380f18de4cfd7fb0b6dbe554c

  • SSDEEP

    49152:OolgsK4DPhW3GaMrnPO1+WCanyw9uJb49xiSXRzxklk:OolDK4DYWaCOiatuSvh9klk

Score
10/10
cryptolockerransomware

Malware Config

Targets

    • Target

      Ransomware.rar

    • Size

      2.0MB

    • MD5

      be9234c7da40177c8ac943cfa675a9ce

    • SHA1

      debe723432e936459324cd3a3dd36a79a69b6389

    • SHA256

      73ab84178a6cddd1589f0d9ba8634dbcbd3dec886ed280a836d302a023a9fc9f

    • SHA512

      76189183d32c041a7c23191ea74b8bc22fe94d04808e11b9943b111fb592325fda0784e8a2832d6dfc980e947b07a02ad8a3934380f18de4cfd7fb0b6dbe554c

    • SSDEEP

      49152:OolgsK4DPhW3GaMrnPO1+WCanyw9uJb49xiSXRzxklk:OolDK4DYWaCOiatuSvh9klk

    Score
    10/10
    cryptolockerransomware

    • CryptoLocker

      Ransomware family with multiple variants.

      ransomwarecryptolocker

    • Cryptolocker family

      cryptolocker

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks