8cdd85c66ba982e491b8849f12629d459800fa5c2461962687a72e7bf56fddf8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-05_15d867fcdd150e3fe6bc1597d6d8624a_cryptolocker
Size

60KB
Sample

240305-x6n5msfa5w
MD5

15d867fcdd150e3fe6bc1597d6d8624a
SHA1

93d75ca1ce18ee498b8690e420036dd413f9385b
SHA256

8cdd85c66ba982e491b8849f12629d459800fa5c2461962687a72e7bf56fddf8
SHA512

16243787ff2353c6a7d9c9f893e62cd4a7b386c6b6e60c7439503052a5a76ac351641817fd9b4a7a0091a333744f06adc6896780464cf303bcfd2be507654055
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3rFC0w1L:ZVxkGOtEvwDpjcam

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-05_15d867fcdd150e3fe6bc1597d6d8624a_cryptolocker
- Size
  
  60KB
- MD5
  
  15d867fcdd150e3fe6bc1597d6d8624a
- SHA1
  
  93d75ca1ce18ee498b8690e420036dd413f9385b
- SHA256
  
  8cdd85c66ba982e491b8849f12629d459800fa5c2461962687a72e7bf56fddf8
- SHA512
  
  16243787ff2353c6a7d9c9f893e62cd4a7b386c6b6e60c7439503052a5a76ac351641817fd9b4a7a0091a333744f06adc6896780464cf303bcfd2be507654055
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3rFC0w1L:ZVxkGOtEvwDpjcam
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2