d85c6a67ae91a6f495db1f4fbfe129048694882740d6f8b40bb6427d70b2c95f | Triage

Sharing

General

Target

2024-03-08_b717af6d78bf813d29b3dd649138bbbb_cryptolocker
Size

40KB
Sample

240308-ee2ybaef49
MD5

b717af6d78bf813d29b3dd649138bbbb
SHA1

c4a8a0acb6b5ff2693a01773f898510dd893349d
SHA256

d85c6a67ae91a6f495db1f4fbfe129048694882740d6f8b40bb6427d70b2c95f
SHA512

d0da23fd146f6209dba88487e8565cd189ff012cc68bd86adb1525402fc8aef49ce18f8cfdb8d96098e6370692785c1e0766d33d98932b8dfc91df70bd1ce817
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/Ja:bAvJCF+RQgJeab4sy/lg

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-08_b717af6d78bf813d29b3dd649138bbbb_cryptolocker
- Size
  
  40KB
- MD5
  
  b717af6d78bf813d29b3dd649138bbbb
- SHA1
  
  c4a8a0acb6b5ff2693a01773f898510dd893349d
- SHA256
  
  d85c6a67ae91a6f495db1f4fbfe129048694882740d6f8b40bb6427d70b2c95f
- SHA512
  
  d0da23fd146f6209dba88487e8565cd189ff012cc68bd86adb1525402fc8aef49ce18f8cfdb8d96098e6370692785c1e0766d33d98932b8dfc91df70bd1ce817
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/Ja:bAvJCF+RQgJeab4sy/lg
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2