5b8c7d85b071129d203d89e468a174fbee92c7c5a178a5af0194f24dfc2ac487 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-23_77db6742b66e7d855be3f6b9bd9c7107_cryptolocker
Size

40KB
Sample

240223-zfzvkagf79
MD5

77db6742b66e7d855be3f6b9bd9c7107
SHA1

ef70b836746373963880d6356bb20d978774acd3
SHA256

5b8c7d85b071129d203d89e468a174fbee92c7c5a178a5af0194f24dfc2ac487
SHA512

aae6fdbe13b33ae2b65302d1a51519f4296d5ef4615d16ccecbaf65bdcaa59e7e5d2f1963ca1b66d19609939c1efbec5bfdc38b57d4f59ff4d3da5243206ba17
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/YXW3:bAvJCF+RQgJeab4sy/lYXW3

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-23_77db6742b66e7d855be3f6b9bd9c7107_cryptolocker
- Size
  
  40KB
- MD5
  
  77db6742b66e7d855be3f6b9bd9c7107
- SHA1
  
  ef70b836746373963880d6356bb20d978774acd3
- SHA256
  
  5b8c7d85b071129d203d89e468a174fbee92c7c5a178a5af0194f24dfc2ac487
- SHA512
  
  aae6fdbe13b33ae2b65302d1a51519f4296d5ef4615d16ccecbaf65bdcaa59e7e5d2f1963ca1b66d19609939c1efbec5bfdc38b57d4f59ff4d3da5243206ba17
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/YXW3:bAvJCF+RQgJeab4sy/lYXW3
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2