1a1dda66386c1a3fc31c93db16f0f61f7bbfacb5d4ea7e5339f08f554cc37633 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-12_5f278f6666ee3198720dcc58177a7b95_cryptolocker
Size

38KB
Sample

240212-fbgzeaag6v
MD5

5f278f6666ee3198720dcc58177a7b95
SHA1

67354bf996e9a096fdca5c5ebe35422eaeede41b
SHA256

1a1dda66386c1a3fc31c93db16f0f61f7bbfacb5d4ea7e5339f08f554cc37633
SHA512

0a630cb7ccc34c21de8d175df4d51775ed63850119e4c826b1a47b9d98822456c18e2afa2c7ce7d298451aaf3713e2d94c0bb07fd398c5379bed2aa21f49f46a
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQL8V:ZzFbxmLPWQMOtEvwDpjLeUq

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-12_5f278f6666ee3198720dcc58177a7b95_cryptolocker
- Size
  
  38KB
- MD5
  
  5f278f6666ee3198720dcc58177a7b95
- SHA1
  
  67354bf996e9a096fdca5c5ebe35422eaeede41b
- SHA256
  
  1a1dda66386c1a3fc31c93db16f0f61f7bbfacb5d4ea7e5339f08f554cc37633
- SHA512
  
  0a630cb7ccc34c21de8d175df4d51775ed63850119e4c826b1a47b9d98822456c18e2afa2c7ce7d298451aaf3713e2d94c0bb07fd398c5379bed2aa21f49f46a
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQL8V:ZzFbxmLPWQMOtEvwDpjLeUq
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2