8a82213f0fa801ca9f0fada147e7faf9389d259228b86813f1bfe5f2a37364c8 | Triage

Sharing

General

Target

2024-01-27_32957a3a3214e007ae302dfa48c799b4_cryptolocker
Size

75KB
Sample

240127-qp34xadaa6
MD5

32957a3a3214e007ae302dfa48c799b4
SHA1

b836b6fa66c76221cdb0747da037c96fc93f0782
SHA256

8a82213f0fa801ca9f0fada147e7faf9389d259228b86813f1bfe5f2a37364c8
SHA512

4dbe3603332f2bed1b8a9317d7b54ef8323d535c1a40184bc1b25eb7ce8272bd222401e673c50c8af51688fd22c0f68a6be4556e53f789fe262378ed68b8dc60
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KEWkMm:ZVxkGOtEvwDpjcax/

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-27_32957a3a3214e007ae302dfa48c799b4_cryptolocker
- Size
  
  75KB
- MD5
  
  32957a3a3214e007ae302dfa48c799b4
- SHA1
  
  b836b6fa66c76221cdb0747da037c96fc93f0782
- SHA256
  
  8a82213f0fa801ca9f0fada147e7faf9389d259228b86813f1bfe5f2a37364c8
- SHA512
  
  4dbe3603332f2bed1b8a9317d7b54ef8323d535c1a40184bc1b25eb7ce8272bd222401e673c50c8af51688fd22c0f68a6be4556e53f789fe262378ed68b8dc60
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KEWkMm:ZVxkGOtEvwDpjcax/
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2