a93eb7dfd58819ad0ac90f1cb35edae044fabef278715c6e37001975e17292f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-29_570a89a8b14a47813b08c01618284363_cryptolocker
Size

47KB
Sample

240329-vav7zacg2w
MD5

570a89a8b14a47813b08c01618284363
SHA1

17379c69f6201b6c4a7a2828f1ff56e22c2e60e8
SHA256

a93eb7dfd58819ad0ac90f1cb35edae044fabef278715c6e37001975e17292f2
SHA512

18614652c5a38fab521c4205e9a462789d81a0d09328516c4d72e04b0db4e4b92197e449e0a3a608a8b24d2d9dc06e8711b48bd3096e2ffd47d43cd5e82e50fe
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/WZrEu/d+qmsUHQ1wsa:ZzFbxmLPWQMOtEvwDpj386Sj/WprqQ1w

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-29_570a89a8b14a47813b08c01618284363_cryptolocker
- Size
  
  47KB
- MD5
  
  570a89a8b14a47813b08c01618284363
- SHA1
  
  17379c69f6201b6c4a7a2828f1ff56e22c2e60e8
- SHA256
  
  a93eb7dfd58819ad0ac90f1cb35edae044fabef278715c6e37001975e17292f2
- SHA512
  
  18614652c5a38fab521c4205e9a462789d81a0d09328516c4d72e04b0db4e4b92197e449e0a3a608a8b24d2d9dc06e8711b48bd3096e2ffd47d43cd5e82e50fe
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/WZrEu/d+qmsUHQ1wsa:ZzFbxmLPWQMOtEvwDpj386Sj/WprqQ1w
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2