78d1a006e6dea663d6ec7804532cc74e7f3e878fedf08a1fb28fcb685bad6f63 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-05_d3ffc3e68089bba73209560c5803554f_cryptolocker
Size

32KB
Sample

240405-lzndzsha6w
MD5

d3ffc3e68089bba73209560c5803554f
SHA1

a7d715b55e86c8323c6b8d6245c6bb5e77f4417c
SHA256

78d1a006e6dea663d6ec7804532cc74e7f3e878fedf08a1fb28fcb685bad6f63
SHA512

bedf72bee51e9bc44e0b4e73445cd65fb2b3a77945c4646913ce5d1869933d2e7e889eaa7d5f54a341bf3091e39d41e4817db43c70117877418a472c4d5509c0
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuah0G1+2aW:bAvJCYOOvbRPDEgXRcN1j

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-05_d3ffc3e68089bba73209560c5803554f_cryptolocker
- Size
  
  32KB
- MD5
  
  d3ffc3e68089bba73209560c5803554f
- SHA1
  
  a7d715b55e86c8323c6b8d6245c6bb5e77f4417c
- SHA256
  
  78d1a006e6dea663d6ec7804532cc74e7f3e878fedf08a1fb28fcb685bad6f63
- SHA512
  
  bedf72bee51e9bc44e0b4e73445cd65fb2b3a77945c4646913ce5d1869933d2e7e889eaa7d5f54a341bf3091e39d41e4817db43c70117877418a472c4d5509c0
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuah0G1+2aW:bAvJCYOOvbRPDEgXRcN1j
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2