99aa073a40d3ffd6ac5bb5305b51e6aa3bcc27289b0faa1bd8d3e569c17b8a4a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-13_92d5886ddac8320460c1b5ffbd2d42f3_cryptolocker
Size

76KB
Sample

240213-f7pzwsgf66
MD5

92d5886ddac8320460c1b5ffbd2d42f3
SHA1

96fd8290c572774a1938654ed8fb3b74dd15eb98
SHA256

99aa073a40d3ffd6ac5bb5305b51e6aa3bcc27289b0faa1bd8d3e569c17b8a4a
SHA512

66d0be033e2ba0787a1b7dc71db52f4efe37dda60b3e26c43cd52b9afcfd6ec93c6641ec03dc7a5dc6a4d3005c0840132465ea816de644b7834fe5066db5171a
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KEWTeg2:ZVxkGOtEvwDpjcaxn

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-13_92d5886ddac8320460c1b5ffbd2d42f3_cryptolocker
- Size
  
  76KB
- MD5
  
  92d5886ddac8320460c1b5ffbd2d42f3
- SHA1
  
  96fd8290c572774a1938654ed8fb3b74dd15eb98
- SHA256
  
  99aa073a40d3ffd6ac5bb5305b51e6aa3bcc27289b0faa1bd8d3e569c17b8a4a
- SHA512
  
  66d0be033e2ba0787a1b7dc71db52f4efe37dda60b3e26c43cd52b9afcfd6ec93c6641ec03dc7a5dc6a4d3005c0840132465ea816de644b7834fe5066db5171a
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KEWTeg2:ZVxkGOtEvwDpjcaxn
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2