cfd74171c5653e532f4d7e93e80c591f964239d3e5306561729fb0cc2fd8be18 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-23_f4efcb306e9c727df4e3ff1baefb7b3e_cryptolocker
Size

38KB
Sample

240123-1byblsaccp
MD5

f4efcb306e9c727df4e3ff1baefb7b3e
SHA1

dcfebc13a0644e7bc16bc793c3bb5e7c96f1dd60
SHA256

cfd74171c5653e532f4d7e93e80c591f964239d3e5306561729fb0cc2fd8be18
SHA512

800b0a0a65a856974af45a149555e99f067fb14cc7054dea002937e7bbf9f7422011288fa30a9aa8158d1599e603f76548884d85f28d4cdb9f082ebeac0fc6cc
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbZM+iV:bAvJCYOOvbRPDEgXrNekd7l94i3p+B

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-23_f4efcb306e9c727df4e3ff1baefb7b3e_cryptolocker
- Size
  
  38KB
- MD5
  
  f4efcb306e9c727df4e3ff1baefb7b3e
- SHA1
  
  dcfebc13a0644e7bc16bc793c3bb5e7c96f1dd60
- SHA256
  
  cfd74171c5653e532f4d7e93e80c591f964239d3e5306561729fb0cc2fd8be18
- SHA512
  
  800b0a0a65a856974af45a149555e99f067fb14cc7054dea002937e7bbf9f7422011288fa30a9aa8158d1599e603f76548884d85f28d4cdb9f082ebeac0fc6cc
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbZM+iV:bAvJCYOOvbRPDEgXrNekd7l94i3p+B
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2