9b08d98cb6d28ba1732218acedbf02c525a701bcda006a7251eb4faaac849cef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-28_855e07381e5b1d94f0b49e2852969311_cryptolocker
Size

38KB
Sample

240228-tab9esfd9t
MD5

855e07381e5b1d94f0b49e2852969311
SHA1

c20f4e89883ec6ba2051a403540b27990246e1fe
SHA256

9b08d98cb6d28ba1732218acedbf02c525a701bcda006a7251eb4faaac849cef
SHA512

c1e2737d1c671790b8391171c09210490a1df3c05b4219457bdc2d02bedeb4564d1fc2a08e756a1f60169995564ea95f8ab2dbaf350cb606913ae6d64f1763d9
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pF04cXRP15d:bAvJCF+RQgJeab4sFuXRp

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-28_855e07381e5b1d94f0b49e2852969311_cryptolocker
- Size
  
  38KB
- MD5
  
  855e07381e5b1d94f0b49e2852969311
- SHA1
  
  c20f4e89883ec6ba2051a403540b27990246e1fe
- SHA256
  
  9b08d98cb6d28ba1732218acedbf02c525a701bcda006a7251eb4faaac849cef
- SHA512
  
  c1e2737d1c671790b8391171c09210490a1df3c05b4219457bdc2d02bedeb4564d1fc2a08e756a1f60169995564ea95f8ab2dbaf350cb606913ae6d64f1763d9
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pF04cXRP15d:bAvJCF+RQgJeab4sFuXRp
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2