607c3c892427d86fe92429e77218e7ddcc0a34df2cd94b200d6777fc9a39fba7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-11_ab80a0fc6e014560ee7753c16fa588cd_cryptolocker
Size

51KB
Sample

240211-zey7msbd3y
MD5

ab80a0fc6e014560ee7753c16fa588cd
SHA1

99cf4d1e34e419b9fb3b3ff2893eddafa7bc58af
SHA256

607c3c892427d86fe92429e77218e7ddcc0a34df2cd94b200d6777fc9a39fba7
SHA512

434ecc162b15a0d5a1b39846d3b2d43b284357e09fc13cc2e602afae63384686cbe38ec94c2a5f0b73f05fc40909fb11947bf78475969d4d886817d70aac4829
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdO5g:ZVxkGOtEvwDpjcS

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-11_ab80a0fc6e014560ee7753c16fa588cd_cryptolocker
- Size
  
  51KB
- MD5
  
  ab80a0fc6e014560ee7753c16fa588cd
- SHA1
  
  99cf4d1e34e419b9fb3b3ff2893eddafa7bc58af
- SHA256
  
  607c3c892427d86fe92429e77218e7ddcc0a34df2cd94b200d6777fc9a39fba7
- SHA512
  
  434ecc162b15a0d5a1b39846d3b2d43b284357e09fc13cc2e602afae63384686cbe38ec94c2a5f0b73f05fc40909fb11947bf78475969d4d886817d70aac4829
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdO5g:ZVxkGOtEvwDpjcS
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2