6ba3a8e799678dc71594a21bc4b5ef8bee28b3e08ad2658dd0f461093f2de2dc | Triage

Sharing

General

Target

2024-01-27_45b265c72d39beace1f48bb939457efe_cryptolocker
Size

30KB
Sample

240127-sv8mpagehq
MD5

45b265c72d39beace1f48bb939457efe
SHA1

2ea5674eec6287a337da71a8b13345114149be34
SHA256

6ba3a8e799678dc71594a21bc4b5ef8bee28b3e08ad2658dd0f461093f2de2dc
SHA512

3a0ad118aef6379452b3431617d6256a2048d52efa04b0f629fd9f83dbb34a4e596f38395e1e4352d04ac6f7ed907787a39889ed75dac9b3a197668bb0f0e425
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6caS:bAvJCYOOvbRPDEgXRcP

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-27_45b265c72d39beace1f48bb939457efe_cryptolocker
- Size
  
  30KB
- MD5
  
  45b265c72d39beace1f48bb939457efe
- SHA1
  
  2ea5674eec6287a337da71a8b13345114149be34
- SHA256
  
  6ba3a8e799678dc71594a21bc4b5ef8bee28b3e08ad2658dd0f461093f2de2dc
- SHA512
  
  3a0ad118aef6379452b3431617d6256a2048d52efa04b0f629fd9f83dbb34a4e596f38395e1e4352d04ac6f7ed907787a39889ed75dac9b3a197668bb0f0e425
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6caS:bAvJCYOOvbRPDEgXRcP
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2