0dcb6900a6b351ab847ac83dd756fe22e69a6030794517df5e1a6d3c1f8fa4d6 | Triage

Sharing

General

Target

2024-02-29_e72b5bd884e71b41df663304f0e4c5bd_cryptolocker
Size

40KB
Sample

240229-ba8nhshg88
MD5

e72b5bd884e71b41df663304f0e4c5bd
SHA1

ba017c9c6e67ad137749ab364cd8583f2d2e0518
SHA256

0dcb6900a6b351ab847ac83dd756fe22e69a6030794517df5e1a6d3c1f8fa4d6
SHA512

19b59f21f20a0a5d3853b63760e44720853a36a20665a6608b60896b65abb93bd656e96c90d3f21926e42e269a07920c61074c0c021fd6e99f24d7a0c6011112
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/m:bAvJCF+RQgJeab4sy/lm

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-29_e72b5bd884e71b41df663304f0e4c5bd_cryptolocker
- Size
  
  40KB
- MD5
  
  e72b5bd884e71b41df663304f0e4c5bd
- SHA1
  
  ba017c9c6e67ad137749ab364cd8583f2d2e0518
- SHA256
  
  0dcb6900a6b351ab847ac83dd756fe22e69a6030794517df5e1a6d3c1f8fa4d6
- SHA512
  
  19b59f21f20a0a5d3853b63760e44720853a36a20665a6608b60896b65abb93bd656e96c90d3f21926e42e269a07920c61074c0c021fd6e99f24d7a0c6011112
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/m:bAvJCF+RQgJeab4sy/lm
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2