d901488dafbf46da3aafbaf7e1a1857495901995e7784b8334c8d97aa06f8bc5 | Triage

Sharing

General

Target

2024-02-03_c34cc7de37dfa45ed4cbcf92d8cb89c6_cryptolocker
Size

30KB
Sample

240203-a5b3csdad7
MD5

c34cc7de37dfa45ed4cbcf92d8cb89c6
SHA1

d8d226d68b169b047372722f8673c006ac995823
SHA256

d901488dafbf46da3aafbaf7e1a1857495901995e7784b8334c8d97aa06f8bc5
SHA512

765fe00eaadefb8eb8ee2c1abdb8e4d893282d2835f47361ca18e85e7aa090f70a73b6043d8781d84e642e758fb9caf742a0cbce8e78c21f15a093b68f676438
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qV:bAvJCYOOvbRPDEgXRc+BV

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-03_c34cc7de37dfa45ed4cbcf92d8cb89c6_cryptolocker
- Size
  
  30KB
- MD5
  
  c34cc7de37dfa45ed4cbcf92d8cb89c6
- SHA1
  
  d8d226d68b169b047372722f8673c006ac995823
- SHA256
  
  d901488dafbf46da3aafbaf7e1a1857495901995e7784b8334c8d97aa06f8bc5
- SHA512
  
  765fe00eaadefb8eb8ee2c1abdb8e4d893282d2835f47361ca18e85e7aa090f70a73b6043d8781d84e642e758fb9caf742a0cbce8e78c21f15a093b68f676438
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qV:bAvJCYOOvbRPDEgXRc+BV
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2