fd4800d5197d7ed4b193c6ad0a5e291fd37394b7191053482d11bd6a2de9bb1c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-27_cb647dd9f0c25b718fd6652aa3b6b90f_cryptolocker
Size

63KB
Sample

240127-f79djafgcr
MD5

cb647dd9f0c25b718fd6652aa3b6b90f
SHA1

3e5d488962fb6108d9a004e346d1e19dc384f2a1
SHA256

fd4800d5197d7ed4b193c6ad0a5e291fd37394b7191053482d11bd6a2de9bb1c
SHA512

454fb6120e9d2a22cbd41719717816ca12494b9348b856ca78dcb1854bda27210ff7589af3b1a21df72740bf715d52b29b5ef5ba99cdbd9e65979aca30b4d7da
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3hvLcbVb:ZVxkGOtEvwDpjcawB

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-27_cb647dd9f0c25b718fd6652aa3b6b90f_cryptolocker
- Size
  
  63KB
- MD5
  
  cb647dd9f0c25b718fd6652aa3b6b90f
- SHA1
  
  3e5d488962fb6108d9a004e346d1e19dc384f2a1
- SHA256
  
  fd4800d5197d7ed4b193c6ad0a5e291fd37394b7191053482d11bd6a2de9bb1c
- SHA512
  
  454fb6120e9d2a22cbd41719717816ca12494b9348b856ca78dcb1854bda27210ff7589af3b1a21df72740bf715d52b29b5ef5ba99cdbd9e65979aca30b4d7da
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3hvLcbVb:ZVxkGOtEvwDpjcawB
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2