e6f54c9f0da7f448a237ed30788bd541d8458ebb42b1f48447ccca8a77d84a9b | Triage

Sharing

General

Target

2024-02-03_194f020d4f3213613137c0606ae3634e_cryptolocker
Size

38KB
Sample

240203-edg7hsaggq
MD5

194f020d4f3213613137c0606ae3634e
SHA1

362e2a50882f3bfa140ff897818d8650b33810ea
SHA256

e6f54c9f0da7f448a237ed30788bd541d8458ebb42b1f48447ccca8a77d84a9b
SHA512

20809bdf3d44fdb3c2ac4ab287718f0e944f9b4f76e0d00ca16468dc43a172737b429ac2f22a81451761f53bc8fa39699bdfa31facabc40ebd3bc915006c96b0
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQLp8:ZzFbxmLPWQMOtEvwDpjLeUu

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-03_194f020d4f3213613137c0606ae3634e_cryptolocker
- Size
  
  38KB
- MD5
  
  194f020d4f3213613137c0606ae3634e
- SHA1
  
  362e2a50882f3bfa140ff897818d8650b33810ea
- SHA256
  
  e6f54c9f0da7f448a237ed30788bd541d8458ebb42b1f48447ccca8a77d84a9b
- SHA512
  
  20809bdf3d44fdb3c2ac4ab287718f0e944f9b4f76e0d00ca16468dc43a172737b429ac2f22a81451761f53bc8fa39699bdfa31facabc40ebd3bc915006c96b0
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQLp8:ZzFbxmLPWQMOtEvwDpjLeUu
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2