20b75547bc09c04163b3c8c28df6040e1e141051a360a708616b1c54f93a205a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-25_cecb3b2587915d6ae3b033ff5ded03f7_cryptolocker
Size

31KB
Sample

240125-lqd4ysdhdk
MD5

cecb3b2587915d6ae3b033ff5ded03f7
SHA1

f791ee2f56ae7f8760f673fe03f48d0e644e7971
SHA256

20b75547bc09c04163b3c8c28df6040e1e141051a360a708616b1c54f93a205a
SHA512

ecf2db1d4117357a7227d01430f499eb1a5cbfab75188a935d1e369853b8a891958361b9053c2aac7092875ff44946712129975c9479d9bcf9e3089c36813d38
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM9Z:bAvJCYOOvbRPDEgXRcuM9Z

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-25_cecb3b2587915d6ae3b033ff5ded03f7_cryptolocker
- Size
  
  31KB
- MD5
  
  cecb3b2587915d6ae3b033ff5ded03f7
- SHA1
  
  f791ee2f56ae7f8760f673fe03f48d0e644e7971
- SHA256
  
  20b75547bc09c04163b3c8c28df6040e1e141051a360a708616b1c54f93a205a
- SHA512
  
  ecf2db1d4117357a7227d01430f499eb1a5cbfab75188a935d1e369853b8a891958361b9053c2aac7092875ff44946712129975c9479d9bcf9e3089c36813d38
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM9Z:bAvJCYOOvbRPDEgXRcuM9Z
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2