8be60d6d54879678157043711c94caa777585bab8d95bfa3a16bf5d3638b67dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-03_82c2f026d9c844bd0ee2a025925491d2_cryptolocker
Size

37KB
Sample

240203-x7hdgsahdk
MD5

82c2f026d9c844bd0ee2a025925491d2
SHA1

8296ec9cbb050399ed9d59a71efb7f90664a392a
SHA256

8be60d6d54879678157043711c94caa777585bab8d95bfa3a16bf5d3638b67dc
SHA512

a633693ca87ab355f890043e67520301410db6b5a6db1ba11b397731f3c16d33a1d47e6d1433fcb77d62e2310692bc34328988902361ebc586c1422f7083bf3b
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbF0V:bAvJCYOOvbRPDEgXrNekd7l94i3pF0V

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-03_82c2f026d9c844bd0ee2a025925491d2_cryptolocker
- Size
  
  37KB
- MD5
  
  82c2f026d9c844bd0ee2a025925491d2
- SHA1
  
  8296ec9cbb050399ed9d59a71efb7f90664a392a
- SHA256
  
  8be60d6d54879678157043711c94caa777585bab8d95bfa3a16bf5d3638b67dc
- SHA512
  
  a633693ca87ab355f890043e67520301410db6b5a6db1ba11b397731f3c16d33a1d47e6d1433fcb77d62e2310692bc34328988902361ebc586c1422f7083bf3b
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbF0V:bAvJCYOOvbRPDEgXrNekd7l94i3pF0V
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2