4bf183bf6f8024ecef239018b6a6171903890d3dc987717ff83aff3cd4aadc56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-07_d6a7d0c8da8476704ed2105d712f2385_cryptolocker
Size

53KB
Sample

240307-e91zhaec97
MD5

d6a7d0c8da8476704ed2105d712f2385
SHA1

bc983a0054127ea673c9ae77ad8e9882f2b6ad62
SHA256

4bf183bf6f8024ecef239018b6a6171903890d3dc987717ff83aff3cd4aadc56
SHA512

df3b2b580d7f3cb38a9c1b5d8b1b50700d9a70f0fa68c7d6fd2806131a9b3e4d8bb02cfb2a4b46129dd21c572e850466a608797f86c86f385f7c98c4ad891cf7
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdO58O:ZVxkGOtEvwDpjcV

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-07_d6a7d0c8da8476704ed2105d712f2385_cryptolocker
- Size
  
  53KB
- MD5
  
  d6a7d0c8da8476704ed2105d712f2385
- SHA1
  
  bc983a0054127ea673c9ae77ad8e9882f2b6ad62
- SHA256
  
  4bf183bf6f8024ecef239018b6a6171903890d3dc987717ff83aff3cd4aadc56
- SHA512
  
  df3b2b580d7f3cb38a9c1b5d8b1b50700d9a70f0fa68c7d6fd2806131a9b3e4d8bb02cfb2a4b46129dd21c572e850466a608797f86c86f385f7c98c4ad891cf7
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdO58O:ZVxkGOtEvwDpjcV
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2