896a95df79be704fe697333dafce398a2bc8dda740bff0a998e0381ca2b73b17 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-16_f7ed963fc5e1e7425d4be66066fb2dd0_cryptolocker
Size

37KB
Sample

240316-js11dseh5y
MD5

f7ed963fc5e1e7425d4be66066fb2dd0
SHA1

48f9423a1718d62c568e6f48b1f55bd4ad0ee9a9
SHA256

896a95df79be704fe697333dafce398a2bc8dda740bff0a998e0381ca2b73b17
SHA512

a6c2ceee415f7a154898877698b2f53c41e4b484a21b90e628796a570ac7477bc00e50a6d77066a7ae0eb67fd5d32cce3aabce1904186ce0cc5971d0b7b85554
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLen7CD9:ZzFbxmLPWQMOtEvwDpjLeW5

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-16_f7ed963fc5e1e7425d4be66066fb2dd0_cryptolocker
- Size
  
  37KB
- MD5
  
  f7ed963fc5e1e7425d4be66066fb2dd0
- SHA1
  
  48f9423a1718d62c568e6f48b1f55bd4ad0ee9a9
- SHA256
  
  896a95df79be704fe697333dafce398a2bc8dda740bff0a998e0381ca2b73b17
- SHA512
  
  a6c2ceee415f7a154898877698b2f53c41e4b484a21b90e628796a570ac7477bc00e50a6d77066a7ae0eb67fd5d32cce3aabce1904186ce0cc5971d0b7b85554
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLen7CD9:ZzFbxmLPWQMOtEvwDpjLeW5
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2