8417545a231a67fcb45d72a9a954542d771141600858596f7993cbe2005c618a | Triage

Sharing

General

Target

2024-03-05_f23664ba2ac4877acfe2864827d7dd51_cryptolocker
Size

47KB
Sample

240305-wdq8vsdg88
MD5

f23664ba2ac4877acfe2864827d7dd51
SHA1

f8f3bf5e10141e4a73f8314871435c4079ab8b12
SHA256

8417545a231a67fcb45d72a9a954542d771141600858596f7993cbe2005c618a
SHA512

a8b1ef6fef5646f1259d15e53b94746216af83d642cb64ff01db71c91b89cd246c546b8298e571250bbb35c48fd44a07060ec5986e4af9977581aa57a5c05e81
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/WZrEu/d+qmsUHQ1wsU:ZzFbxmLPWQMOtEvwDpj386Sj/WprqQ1m

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-05_f23664ba2ac4877acfe2864827d7dd51_cryptolocker
- Size
  
  47KB
- MD5
  
  f23664ba2ac4877acfe2864827d7dd51
- SHA1
  
  f8f3bf5e10141e4a73f8314871435c4079ab8b12
- SHA256
  
  8417545a231a67fcb45d72a9a954542d771141600858596f7993cbe2005c618a
- SHA512
  
  a8b1ef6fef5646f1259d15e53b94746216af83d642cb64ff01db71c91b89cd246c546b8298e571250bbb35c48fd44a07060ec5986e4af9977581aa57a5c05e81
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/WZrEu/d+qmsUHQ1wsU:ZzFbxmLPWQMOtEvwDpj386Sj/WprqQ1m
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2