6fac70edfbf278ef5311318037d44a53cea84ac3d4ccf03286917afebe17d774 | Triage

Sharing

General

Target

2024-01-18_edba3ed65f19446bd92fac730c8f5db2_cryptolocker
Size

43KB
Sample

240118-3jdnaagdem
MD5

edba3ed65f19446bd92fac730c8f5db2
SHA1

581750b3392f9620376a51df25964632fa7a7f41
SHA256

6fac70edfbf278ef5311318037d44a53cea84ac3d4ccf03286917afebe17d774
SHA512

ec9288f7a717d4df28e87b90b0d17d911daec507a37e06d709b10960a68c129e97f7fec34d0d18261219dc7c396ac4e2479850e5b66c00920f021adeed2b1d63
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/WZrEu/d+qmsUHQ1wso:ZzFbxmLPWQMOtEvwDpj386Sj/WprqQ1y

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-18_edba3ed65f19446bd92fac730c8f5db2_cryptolocker
- Size
  
  43KB
- MD5
  
  edba3ed65f19446bd92fac730c8f5db2
- SHA1
  
  581750b3392f9620376a51df25964632fa7a7f41
- SHA256
  
  6fac70edfbf278ef5311318037d44a53cea84ac3d4ccf03286917afebe17d774
- SHA512
  
  ec9288f7a717d4df28e87b90b0d17d911daec507a37e06d709b10960a68c129e97f7fec34d0d18261219dc7c396ac4e2479850e5b66c00920f021adeed2b1d63
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/WZrEu/d+qmsUHQ1wso:ZzFbxmLPWQMOtEvwDpj386Sj/WprqQ1y
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2