d371687b60e38e86d383cb03dc46cf71b1b636092ea061c154c055499fb175c2 | Triage

Sharing

General

Target

2024-03-16_69b4faadf8fd4beb4e322b5a1dbc3602_cryptolocker
Size

66KB
Sample

240316-psdgzsba9y
MD5

69b4faadf8fd4beb4e322b5a1dbc3602
SHA1

37af567dce06d892f395a4a431c396680f6dc711
SHA256

d371687b60e38e86d383cb03dc46cf71b1b636092ea061c154c055499fb175c2
SHA512

1fc74b4e904e0f6baf4a474b8a155b08b150e6d633c53311ca962038b7f01a0791835d2f1830d81bc67a2423f7ee905db8680e988e53264da81a5a770edab282
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3hvLcbVbdh:ZVxkGOtEvwDpjcaw1

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-16_69b4faadf8fd4beb4e322b5a1dbc3602_cryptolocker
- Size
  
  66KB
- MD5
  
  69b4faadf8fd4beb4e322b5a1dbc3602
- SHA1
  
  37af567dce06d892f395a4a431c396680f6dc711
- SHA256
  
  d371687b60e38e86d383cb03dc46cf71b1b636092ea061c154c055499fb175c2
- SHA512
  
  1fc74b4e904e0f6baf4a474b8a155b08b150e6d633c53311ca962038b7f01a0791835d2f1830d81bc67a2423f7ee905db8680e988e53264da81a5a770edab282
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3hvLcbVbdh:ZVxkGOtEvwDpjcaw1
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2