7ebfdac77d42ea3f71c577d44f98c9b5316a788772540e398523f396877140b5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-03_61b988e90c64496cf9c85930d5a37b2e_cryptolocker
Size

73KB
Sample

240203-svbb7aegfn
MD5

61b988e90c64496cf9c85930d5a37b2e
SHA1

1af49b8224d9ceb6ab519cfe3a1241a3d3c270fc
SHA256

7ebfdac77d42ea3f71c577d44f98c9b5316a788772540e398523f396877140b5
SHA512

9d6f9129ea88b5b0f11277015ff16a14ac5f786db0294ff59c37dec044047d14ee6d74f4d80f1e16e20c35e8ac30848a59bfcd9c2089b5910fdc4f4b7cb87a89
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KUfh:ZVxkGOtEvwDpjcajh

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-03_61b988e90c64496cf9c85930d5a37b2e_cryptolocker
- Size
  
  73KB
- MD5
  
  61b988e90c64496cf9c85930d5a37b2e
- SHA1
  
  1af49b8224d9ceb6ab519cfe3a1241a3d3c270fc
- SHA256
  
  7ebfdac77d42ea3f71c577d44f98c9b5316a788772540e398523f396877140b5
- SHA512
  
  9d6f9129ea88b5b0f11277015ff16a14ac5f786db0294ff59c37dec044047d14ee6d74f4d80f1e16e20c35e8ac30848a59bfcd9c2089b5910fdc4f4b7cb87a89
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KUfh:ZVxkGOtEvwDpjcajh
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2