2d7edb1c0d16170a8778d0c528a78f329f724d7443b8cfb00db06bfe67942631 | Triage

Sharing

General

Target

2024-02-25_afcf9538271c4f5257a1ceb287c7e7f8_cryptolocker
Size

40KB
Sample

240225-t7hgpsga94
MD5

afcf9538271c4f5257a1ceb287c7e7f8
SHA1

75138b33e4cb5fbf7e32311cf35adf982a2f6f5d
SHA256

2d7edb1c0d16170a8778d0c528a78f329f724d7443b8cfb00db06bfe67942631
SHA512

8fbee9f6b98e8f8164a108bbc7ac9f3d49b65ff333197db45ee782df28743e8ed55ac3d5644add7f7a1e91e8f179ef9b862ec326841937a8daabe996cf16aa7b
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbZM+i5:bAvJCYOOvbRPDEgXrNekd7l94i3p+9

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-25_afcf9538271c4f5257a1ceb287c7e7f8_cryptolocker
- Size
  
  40KB
- MD5
  
  afcf9538271c4f5257a1ceb287c7e7f8
- SHA1
  
  75138b33e4cb5fbf7e32311cf35adf982a2f6f5d
- SHA256
  
  2d7edb1c0d16170a8778d0c528a78f329f724d7443b8cfb00db06bfe67942631
- SHA512
  
  8fbee9f6b98e8f8164a108bbc7ac9f3d49b65ff333197db45ee782df28743e8ed55ac3d5644add7f7a1e91e8f179ef9b862ec326841937a8daabe996cf16aa7b
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbZM+i5:bAvJCYOOvbRPDEgXrNekd7l94i3p+9
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2