c6d21ca698324630d60737598ec2838b7fb8aa5fdcb3623224577cd9fbdf2729 | Triage

Sharing

General

Target

2024-02-21_db01fa163a477b7a6af4b05eb5249ffc_cryptolocker
Size

39KB
Sample

240221-d13ajaaf4y
MD5

db01fa163a477b7a6af4b05eb5249ffc
SHA1

3d3bf36d35b0fe72bb446fded53800688acfa509
SHA256

c6d21ca698324630d60737598ec2838b7fb8aa5fdcb3623224577cd9fbdf2729
SHA512

782874ca39676d901067acfb37ec6a60858a57faedf3af3b8b0ece485fb7c09a27c60167b4e255f1d5b534ba69b3e233a3a1434304527dc919e162f8aa3d30f1
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yLFka:bAvJCF+RQgJeab4sy/a3

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-21_db01fa163a477b7a6af4b05eb5249ffc_cryptolocker
- Size
  
  39KB
- MD5
  
  db01fa163a477b7a6af4b05eb5249ffc
- SHA1
  
  3d3bf36d35b0fe72bb446fded53800688acfa509
- SHA256
  
  c6d21ca698324630d60737598ec2838b7fb8aa5fdcb3623224577cd9fbdf2729
- SHA512
  
  782874ca39676d901067acfb37ec6a60858a57faedf3af3b8b0ece485fb7c09a27c60167b4e255f1d5b534ba69b3e233a3a1434304527dc919e162f8aa3d30f1
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yLFka:bAvJCF+RQgJeab4sy/a3
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2