d022e235f703eb8ff55230b1672027f6511a1f9696d25d543a58a26c2e1d7def | Triage

Sharing

General

Target

2024-02-12_f1a1be1188c768ce231a16dc4bd6a636_cryptolocker
Size

38KB
Sample

240212-whze2acd73
MD5

f1a1be1188c768ce231a16dc4bd6a636
SHA1

313327b6756a84011aa97c8deef000d5cf3027dc
SHA256

d022e235f703eb8ff55230b1672027f6511a1f9696d25d543a58a26c2e1d7def
SHA512

e2fcdd40cc98064e1ea9e8eb39a9fe1370705283decf5dbefd5be09d36cddc2710dea1a928fa05c0c2fa4fde43b495a3c3a37d5248b9d0ff78639261506c1c45
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3Nby6U6t:bAvJCYOOvbRPDEgXrNekd7l94i3py/da

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-12_f1a1be1188c768ce231a16dc4bd6a636_cryptolocker
- Size
  
  38KB
- MD5
  
  f1a1be1188c768ce231a16dc4bd6a636
- SHA1
  
  313327b6756a84011aa97c8deef000d5cf3027dc
- SHA256
  
  d022e235f703eb8ff55230b1672027f6511a1f9696d25d543a58a26c2e1d7def
- SHA512
  
  e2fcdd40cc98064e1ea9e8eb39a9fe1370705283decf5dbefd5be09d36cddc2710dea1a928fa05c0c2fa4fde43b495a3c3a37d5248b9d0ff78639261506c1c45
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3Nby6U6t:bAvJCYOOvbRPDEgXrNekd7l94i3py/da
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2