8bc579356e4f9363a18940ef4f51697e6b6f7ea243a92d4fd840475bcbf0afa8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-05_2bc9c43c80fea7286fa39207a63885c3_cryptolocker
Size

31KB
Sample

240305-w2hlmaee69
MD5

2bc9c43c80fea7286fa39207a63885c3
SHA1

555db826ea8460d0ed1c63ac862340b451bcce68
SHA256

8bc579356e4f9363a18940ef4f51697e6b6f7ea243a92d4fd840475bcbf0afa8
SHA512

fae7095fdd21b89e9f4aa0219ecab7933d0b93647ccea4f943a7b5800268ee4bc92ea9178a8e5a64a31344fe2532edc940d2baeff3c20d7e69c2b0a507d7bdb9
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuah0f:bAvJCYOOvbRPDEgXRcY

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-05_2bc9c43c80fea7286fa39207a63885c3_cryptolocker
- Size
  
  31KB
- MD5
  
  2bc9c43c80fea7286fa39207a63885c3
- SHA1
  
  555db826ea8460d0ed1c63ac862340b451bcce68
- SHA256
  
  8bc579356e4f9363a18940ef4f51697e6b6f7ea243a92d4fd840475bcbf0afa8
- SHA512
  
  fae7095fdd21b89e9f4aa0219ecab7933d0b93647ccea4f943a7b5800268ee4bc92ea9178a8e5a64a31344fe2532edc940d2baeff3c20d7e69c2b0a507d7bdb9
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuah0f:bAvJCYOOvbRPDEgXRcY
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2