f7f7ba8f0e22ede5eef13130ced9ffb4ed3bcd2c51b33bf5a1a720ca0fb717e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-25_9fc7db9a9c18ac76494e18d6b464674c_cryptolocker
Size

37KB
Sample

240125-y9wvbsegc8
MD5

9fc7db9a9c18ac76494e18d6b464674c
SHA1

6d99318862dc07eaa1fc1b0c2ac783cd0cf00762
SHA256

f7f7ba8f0e22ede5eef13130ced9ffb4ed3bcd2c51b33bf5a1a720ca0fb717e4
SHA512

49cda055c5d4285bcd4aca0e075ffd5d42b04337b702a9b2e051f9f2cec3d82899041f943dacd4750cca11151cf9d84d6d99d4ef96d9a61b63caab67fccef6f2
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3Nb/mViY:bAvJCYOOvbRPDEgXrNekd7l94i3p/hQ

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-25_9fc7db9a9c18ac76494e18d6b464674c_cryptolocker
- Size
  
  37KB
- MD5
  
  9fc7db9a9c18ac76494e18d6b464674c
- SHA1
  
  6d99318862dc07eaa1fc1b0c2ac783cd0cf00762
- SHA256
  
  f7f7ba8f0e22ede5eef13130ced9ffb4ed3bcd2c51b33bf5a1a720ca0fb717e4
- SHA512
  
  49cda055c5d4285bcd4aca0e075ffd5d42b04337b702a9b2e051f9f2cec3d82899041f943dacd4750cca11151cf9d84d6d99d4ef96d9a61b63caab67fccef6f2
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3Nb/mViY:bAvJCYOOvbRPDEgXrNekd7l94i3p/hQ
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2