0c0b88e5676eb7bd7c6c03484ed544be6c4bf404485490109e6d50906a3382cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-28_1e89f4dd4fe6cc5f1d0e265ccc72f611_cryptolocker
Size

30KB
Sample

240128-e2c8gachcq
MD5

1e89f4dd4fe6cc5f1d0e265ccc72f611
SHA1

2f96d898e44390952d86a2f29b43d87d50130dad
SHA256

0c0b88e5676eb7bd7c6c03484ed544be6c4bf404485490109e6d50906a3382cf
SHA512

d7a9e86540dea13ac7a8cf4bf49b9b3ab6fb6123f9303dd69ac81ba7caae3dfdebbf8a3a7688ba9ef9f2179e168352779ebb1c856d034dad2f4e5dd805347bcb
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qZ:bAvJCYOOvbRPDEgXRc+BZ

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-28_1e89f4dd4fe6cc5f1d0e265ccc72f611_cryptolocker
- Size
  
  30KB
- MD5
  
  1e89f4dd4fe6cc5f1d0e265ccc72f611
- SHA1
  
  2f96d898e44390952d86a2f29b43d87d50130dad
- SHA256
  
  0c0b88e5676eb7bd7c6c03484ed544be6c4bf404485490109e6d50906a3382cf
- SHA512
  
  d7a9e86540dea13ac7a8cf4bf49b9b3ab6fb6123f9303dd69ac81ba7caae3dfdebbf8a3a7688ba9ef9f2179e168352779ebb1c856d034dad2f4e5dd805347bcb
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qZ:bAvJCYOOvbRPDEgXRc+BZ
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2