89f4e6f09f76e3796c497a0e146a69246669592d75e212e0fbb2a79c2851dc92 | Triage

Sharing

General

Target

2024-02-14_e67f2c82fa3c9c9d650c10e7890102c1_cryptolocker
Size

37KB
Sample

240214-dk69jsfd4t
MD5

e67f2c82fa3c9c9d650c10e7890102c1
SHA1

cceed76d49a9f575f56a0a11c408a8e7fef24085
SHA256

89f4e6f09f76e3796c497a0e146a69246669592d75e212e0fbb2a79c2851dc92
SHA512

ebba0036be2bcf2bec7cf8267ac0694c2fba1e95029481b94ff18b494512089638fab671fd8b4307ab19261d79544a1e412ff0583b6e67454c0b97a11ee7fb0c
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4XDIwNiJXxXunRClp:btB9g/WItCSsAGjX7e9N0hunRClp

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-14_e67f2c82fa3c9c9d650c10e7890102c1_cryptolocker
- Size
  
  37KB
- MD5
  
  e67f2c82fa3c9c9d650c10e7890102c1
- SHA1
  
  cceed76d49a9f575f56a0a11c408a8e7fef24085
- SHA256
  
  89f4e6f09f76e3796c497a0e146a69246669592d75e212e0fbb2a79c2851dc92
- SHA512
  
  ebba0036be2bcf2bec7cf8267ac0694c2fba1e95029481b94ff18b494512089638fab671fd8b4307ab19261d79544a1e412ff0583b6e67454c0b97a11ee7fb0c
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4XDIwNiJXxXunRClp:btB9g/WItCSsAGjX7e9N0hunRClp
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2