6597e1b4484dddc509a817434c464d091fe41018e845ec7c57a9bfa1c4e9c617 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-07_da75b32a1d60ae88f312887905441481_cryptolocker
Size

40KB
Sample

240307-hcvb8sgb4v
MD5

da75b32a1d60ae88f312887905441481
SHA1

58e7907cd640ec905832e7648c6f469971c11653
SHA256

6597e1b4484dddc509a817434c464d091fe41018e845ec7c57a9bfa1c4e9c617
SHA512

6d22ca65e0c669c073caf0749fd655961867a5d68bacf54973c81cb3770e2185d959828947d2dbb7dfd254604e7ba22c7679e285e7709a4e1b96708d91c45adf
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yss:bAvJCF+RQgJeab4sy/+

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-07_da75b32a1d60ae88f312887905441481_cryptolocker
- Size
  
  40KB
- MD5
  
  da75b32a1d60ae88f312887905441481
- SHA1
  
  58e7907cd640ec905832e7648c6f469971c11653
- SHA256
  
  6597e1b4484dddc509a817434c464d091fe41018e845ec7c57a9bfa1c4e9c617
- SHA512
  
  6d22ca65e0c669c073caf0749fd655961867a5d68bacf54973c81cb3770e2185d959828947d2dbb7dfd254604e7ba22c7679e285e7709a4e1b96708d91c45adf
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yss:bAvJCF+RQgJeab4sy/+
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2