7895b929b57ffebd84cea947eccf852fd71488898328f93aa053a66ca3e57570 | Triage

Sharing

General

Target

2024-02-19_882381d2ce2599842c0a8f0ee84be0bb_cryptolocker
Size

27KB
Sample

240219-t62h7agh92
MD5

882381d2ce2599842c0a8f0ee84be0bb
SHA1

b0efdbb6f3c747a5cf0e53938905172a1e47032e
SHA256

7895b929b57ffebd84cea947eccf852fd71488898328f93aa053a66ca3e57570
SHA512

29997173cb419c2f601d6a9760c6edc0b0af1f5f871f7782b9023e23feac6715f355e023326b9ccee770a2f8618e46078c3d42ec3fd4369b43b3a974d46c1001
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo+m:bAvJCYOOvbRPDEgX1m

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-19_882381d2ce2599842c0a8f0ee84be0bb_cryptolocker
- Size
  
  27KB
- MD5
  
  882381d2ce2599842c0a8f0ee84be0bb
- SHA1
  
  b0efdbb6f3c747a5cf0e53938905172a1e47032e
- SHA256
  
  7895b929b57ffebd84cea947eccf852fd71488898328f93aa053a66ca3e57570
- SHA512
  
  29997173cb419c2f601d6a9760c6edc0b0af1f5f871f7782b9023e23feac6715f355e023326b9ccee770a2f8618e46078c3d42ec3fd4369b43b3a974d46c1001
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo+m:bAvJCYOOvbRPDEgX1m
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2