0af6af3bb37181c3bc690ec676df6903c70925014b24be67d2d5708f096c0f01 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-29_ec6414877ffd282086110007f4faa6bc_cryptolocker
Size

40KB
Sample

240129-t66g5sfgfk
MD5

ec6414877ffd282086110007f4faa6bc
SHA1

0d40d15944cd8411fc14153cef8ce2457e43eff0
SHA256

0af6af3bb37181c3bc690ec676df6903c70925014b24be67d2d5708f096c0f01
SHA512

df684c6218b588af72f14b88ce3d406f549ed381b1ad602753caf14192433e23b3384c4099acd4571c77109c912bf0c48b27b51db8cc5d802eae123d1ff04968
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQLJJzu:ZzFbxmLPWQMOtEvwDpjLeU3q

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-29_ec6414877ffd282086110007f4faa6bc_cryptolocker
- Size
  
  40KB
- MD5
  
  ec6414877ffd282086110007f4faa6bc
- SHA1
  
  0d40d15944cd8411fc14153cef8ce2457e43eff0
- SHA256
  
  0af6af3bb37181c3bc690ec676df6903c70925014b24be67d2d5708f096c0f01
- SHA512
  
  df684c6218b588af72f14b88ce3d406f549ed381b1ad602753caf14192433e23b3384c4099acd4571c77109c912bf0c48b27b51db8cc5d802eae123d1ff04968
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQLJJzu:ZzFbxmLPWQMOtEvwDpjLeU3q
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2