48d05ee66977733021e2dc32813afcf4c3a77f0f5ca5b835c09517d785bf1bf0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-03_1884b374e381dd6229a05b160c1c5386_cryptolocker
Size

46KB
Sample

240203-h784wabhh9
MD5

1884b374e381dd6229a05b160c1c5386
SHA1

803fcaa70951e335f74bd9cbb489f0fa5c1a45a2
SHA256

48d05ee66977733021e2dc32813afcf4c3a77f0f5ca5b835c09517d785bf1bf0
SHA512

53da7aa1ad53418284b50c218ef5e31b5a01ac5e9432576e0e245a12e145f91e5bc7e7e386b1e60a47d34ab805b04fb24e18cfadecca9b869a2367beb653ec8d
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/WZrEu/d+qmsUHQ1wse:ZzFbxmLPWQMOtEvwDpj386Sj/WprqQ1c

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-03_1884b374e381dd6229a05b160c1c5386_cryptolocker
- Size
  
  46KB
- MD5
  
  1884b374e381dd6229a05b160c1c5386
- SHA1
  
  803fcaa70951e335f74bd9cbb489f0fa5c1a45a2
- SHA256
  
  48d05ee66977733021e2dc32813afcf4c3a77f0f5ca5b835c09517d785bf1bf0
- SHA512
  
  53da7aa1ad53418284b50c218ef5e31b5a01ac5e9432576e0e245a12e145f91e5bc7e7e386b1e60a47d34ab805b04fb24e18cfadecca9b869a2367beb653ec8d
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/WZrEu/d+qmsUHQ1wse:ZzFbxmLPWQMOtEvwDpj386Sj/WprqQ1c
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2