330f00df5a3bc6f469861c205c92399a87f48175a272a086185d8ce60a1ea839 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-19_ca81802fa517eb8c2afa05f68d26c20b_cryptolocker
Size

31KB
Sample

240319-vfcykshf7z
MD5

ca81802fa517eb8c2afa05f68d26c20b
SHA1

1c9605818093585934d223ddf7a20bd91e92a419
SHA256

330f00df5a3bc6f469861c205c92399a87f48175a272a086185d8ce60a1ea839
SHA512

ed1f6cc2cf39b6be8ea6fb15877565e99050e6763f204ba79180c220832728d08895913d9637a2c6b40eed4c7acf079b6594d954bc4f525ee2866f98cb8e6e90
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuah0cn2:bAvJCYOOvbRPDEgXRcT2

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-19_ca81802fa517eb8c2afa05f68d26c20b_cryptolocker
- Size
  
  31KB
- MD5
  
  ca81802fa517eb8c2afa05f68d26c20b
- SHA1
  
  1c9605818093585934d223ddf7a20bd91e92a419
- SHA256
  
  330f00df5a3bc6f469861c205c92399a87f48175a272a086185d8ce60a1ea839
- SHA512
  
  ed1f6cc2cf39b6be8ea6fb15877565e99050e6763f204ba79180c220832728d08895913d9637a2c6b40eed4c7acf079b6594d954bc4f525ee2866f98cb8e6e90
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuah0cn2:bAvJCYOOvbRPDEgXRcT2
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2