4f592a5af9d89c3e8e4b6ac5576a5f2e8b75f3bebf21383b56df8690f1e0c0f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-27_8ae03307bbe84a90233d5e1a9f74c933_cryptolocker
Size

31KB
Sample

240327-yafztsae22
MD5

8ae03307bbe84a90233d5e1a9f74c933
SHA1

e2fb2de76ba76158eb36a67c8a00fb588d9faa7e
SHA256

4f592a5af9d89c3e8e4b6ac5576a5f2e8b75f3bebf21383b56df8690f1e0c0f4
SHA512

67e1fcebc803e86b85fb70eeca89555e0b2779c96c50021db812b4a75b20338aaf5e3d81fbd946ee3f29e9487e8370eb2896e01d9a72a319e52b25274b8e6508
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuah0G1+24:bAvJCYOOvbRPDEgXRcN1w

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-27_8ae03307bbe84a90233d5e1a9f74c933_cryptolocker
- Size
  
  31KB
- MD5
  
  8ae03307bbe84a90233d5e1a9f74c933
- SHA1
  
  e2fb2de76ba76158eb36a67c8a00fb588d9faa7e
- SHA256
  
  4f592a5af9d89c3e8e4b6ac5576a5f2e8b75f3bebf21383b56df8690f1e0c0f4
- SHA512
  
  67e1fcebc803e86b85fb70eeca89555e0b2779c96c50021db812b4a75b20338aaf5e3d81fbd946ee3f29e9487e8370eb2896e01d9a72a319e52b25274b8e6508
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuah0G1+24:bAvJCYOOvbRPDEgXRcN1w
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2