370b71ca2f6a70abcc9019bbce85e0281c482e804ef58fe92f315154024757b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-25_f10597afb3da183f1cd209edd356bb02_cryptolocker
Size

31KB
Sample

240125-mkqq8sefbr
MD5

f10597afb3da183f1cd209edd356bb02
SHA1

992a64108bee6377948df6d016ed8db9eb7ea8f2
SHA256

370b71ca2f6a70abcc9019bbce85e0281c482e804ef58fe92f315154024757b4
SHA512

e601d899e32be4b07fdf62661101be1c8515977043a980adaca8c03cd9fbb00bf23ecd3b827fc4ca9a8c590d6693d532efe7b9b330a1a0d9bf8b07c0a7a73123
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM9gd:bAvJCYOOvbRPDEgXRcuM9gd

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-25_f10597afb3da183f1cd209edd356bb02_cryptolocker
- Size
  
  31KB
- MD5
  
  f10597afb3da183f1cd209edd356bb02
- SHA1
  
  992a64108bee6377948df6d016ed8db9eb7ea8f2
- SHA256
  
  370b71ca2f6a70abcc9019bbce85e0281c482e804ef58fe92f315154024757b4
- SHA512
  
  e601d899e32be4b07fdf62661101be1c8515977043a980adaca8c03cd9fbb00bf23ecd3b827fc4ca9a8c590d6693d532efe7b9b330a1a0d9bf8b07c0a7a73123
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM9gd:bAvJCYOOvbRPDEgXRcuM9gd
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2