de04843c8e773ee2d8d28fc0d1d8d634d8bb10ddcd42eeff35a7c723b4d972e6 | Triage

Sharing

General

Target

2024-02-28_9efe628a148827a4eced470fedaa74fc_cryptolocker
Size

77KB
Sample

240228-jt7vbseh45
MD5

9efe628a148827a4eced470fedaa74fc
SHA1

16a0403d6f702f5b999ff3df9d98fd1a7f403d95
SHA256

de04843c8e773ee2d8d28fc0d1d8d634d8bb10ddcd42eeff35a7c723b4d972e6
SHA512

0e834e45e47f361b9e377246dfc9d24fe27eeda72c89ce2b1893319a7b627af0db6bd8c061db0f16f09edcd1dc31c10107c6b4bf14f530e7b0e120f1d549619c
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KEWTmx:ZVxkGOtEvwDpjcax7

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-28_9efe628a148827a4eced470fedaa74fc_cryptolocker
- Size
  
  77KB
- MD5
  
  9efe628a148827a4eced470fedaa74fc
- SHA1
  
  16a0403d6f702f5b999ff3df9d98fd1a7f403d95
- SHA256
  
  de04843c8e773ee2d8d28fc0d1d8d634d8bb10ddcd42eeff35a7c723b4d972e6
- SHA512
  
  0e834e45e47f361b9e377246dfc9d24fe27eeda72c89ce2b1893319a7b627af0db6bd8c061db0f16f09edcd1dc31c10107c6b4bf14f530e7b0e120f1d549619c
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KEWTmx:ZVxkGOtEvwDpjcax7
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2