ec8d34a9205e227e02325eb8a9695eb2be27ee31c9d83cf92792f5e1e3021cab | Triage

Sharing

General

Target

2024-03-16_acc3b2cec910db1c16842a8626b3c83a_cryptolocker
Size

76KB
Sample

240316-e8qr5sdh75
MD5

acc3b2cec910db1c16842a8626b3c83a
SHA1

bfe00b16606da29e5f85e0b1bac7fc7da24cb11e
SHA256

ec8d34a9205e227e02325eb8a9695eb2be27ee31c9d83cf92792f5e1e3021cab
SHA512

c9cf42821a0596b51acef2388ad637c374051087805efefbf37c06b93588985879f6b3a584bb577e9df0bd46d9b57c3d7188fac96a0ff0c7e3134a84a90cfdda
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KujdI:ZVxkGOtEvwDpjca+

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-16_acc3b2cec910db1c16842a8626b3c83a_cryptolocker
- Size
  
  76KB
- MD5
  
  acc3b2cec910db1c16842a8626b3c83a
- SHA1
  
  bfe00b16606da29e5f85e0b1bac7fc7da24cb11e
- SHA256
  
  ec8d34a9205e227e02325eb8a9695eb2be27ee31c9d83cf92792f5e1e3021cab
- SHA512
  
  c9cf42821a0596b51acef2388ad637c374051087805efefbf37c06b93588985879f6b3a584bb577e9df0bd46d9b57c3d7188fac96a0ff0c7e3134a84a90cfdda
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KujdI:ZVxkGOtEvwDpjca+
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2