80764558e3b7fbb301330368de80a10aa99d74b7c93edbdd1320c55696aba3b5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-05_4a11a09a66a7187a893ca93c093645c9_cryptolocker
Size

76KB
Sample

240405-lm8jdsgf5y
MD5

4a11a09a66a7187a893ca93c093645c9
SHA1

5e22833fde160e5c6c2c4282293782eefbf65725
SHA256

80764558e3b7fbb301330368de80a10aa99d74b7c93edbdd1320c55696aba3b5
SHA512

74cd24c0f84d038a5c8a8a7d89a638b03fc3008a1cf6aa93aa96390c6bd06771f5100a1fb96b386402aa9de7069884435d1d6f50927f291af3cf45fafae0b66e
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KuTDG:ZVxkGOtEvwDpjcai

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-05_4a11a09a66a7187a893ca93c093645c9_cryptolocker
- Size
  
  76KB
- MD5
  
  4a11a09a66a7187a893ca93c093645c9
- SHA1
  
  5e22833fde160e5c6c2c4282293782eefbf65725
- SHA256
  
  80764558e3b7fbb301330368de80a10aa99d74b7c93edbdd1320c55696aba3b5
- SHA512
  
  74cd24c0f84d038a5c8a8a7d89a638b03fc3008a1cf6aa93aa96390c6bd06771f5100a1fb96b386402aa9de7069884435d1d6f50927f291af3cf45fafae0b66e
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KuTDG:ZVxkGOtEvwDpjcai
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2