1638308086cbe9f7acfcda6698952228cbfe77156e5623868c324ba2a29aac76 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-12_86f9d1e882c8b08985dafc74cd9f028a_cryptolocker
Size

34KB
Sample

240212-q1fsragg23
MD5

86f9d1e882c8b08985dafc74cd9f028a
SHA1

c0ccb484e0a1b85b68b66db5e6a7b0fa5f8ad7df
SHA256

1638308086cbe9f7acfcda6698952228cbfe77156e5623868c324ba2a29aac76
SHA512

e3bfb5bc5a1212b2eb037192200fd970676e77dae2a663ba2d1907632e548c8594b4eebae0ccc24941de479f415ecfcb78967238a82e43df952f3e99740faa6a
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4XDIwNiA0f9HMn0N:btB9g/WItCSsAGjX7e9N8sS

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-12_86f9d1e882c8b08985dafc74cd9f028a_cryptolocker
- Size
  
  34KB
- MD5
  
  86f9d1e882c8b08985dafc74cd9f028a
- SHA1
  
  c0ccb484e0a1b85b68b66db5e6a7b0fa5f8ad7df
- SHA256
  
  1638308086cbe9f7acfcda6698952228cbfe77156e5623868c324ba2a29aac76
- SHA512
  
  e3bfb5bc5a1212b2eb037192200fd970676e77dae2a663ba2d1907632e548c8594b4eebae0ccc24941de479f415ecfcb78967238a82e43df952f3e99740faa6a
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4XDIwNiA0f9HMn0N:btB9g/WItCSsAGjX7e9N8sS
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2