63a413004917b767b706256b2aa9474b9a4b7568590bbd0fd3b4adbd2e560283 | Triage

Sharing

General

Target

2024-03-29_2e9bcc79fbfdcb910cf4f1a0f60134eb_cryptolocker
Size

42KB
Sample

240329-c6k3rsgb67
MD5

2e9bcc79fbfdcb910cf4f1a0f60134eb
SHA1

5487d2a8c0d632d0765600436b08078371272a18
SHA256

63a413004917b767b706256b2aa9474b9a4b7568590bbd0fd3b4adbd2e560283
SHA512

6ca0d67150b0b5853c89e8ff4572a0af86f5cfca326aee00e3910c2423d7b2092982921eaea7bb5e280ee46aed09d6b71900ac26cee1fe719ac6eaa2a903f66e
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbZM+iI:bAvJCYOOvbRPDEgXrNekd7l94i3p+T4

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-29_2e9bcc79fbfdcb910cf4f1a0f60134eb_cryptolocker
- Size
  
  42KB
- MD5
  
  2e9bcc79fbfdcb910cf4f1a0f60134eb
- SHA1
  
  5487d2a8c0d632d0765600436b08078371272a18
- SHA256
  
  63a413004917b767b706256b2aa9474b9a4b7568590bbd0fd3b4adbd2e560283
- SHA512
  
  6ca0d67150b0b5853c89e8ff4572a0af86f5cfca326aee00e3910c2423d7b2092982921eaea7bb5e280ee46aed09d6b71900ac26cee1fe719ac6eaa2a903f66e
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbZM+iI:bAvJCYOOvbRPDEgXrNekd7l94i3p+T4
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2