9d15b1c8b665484b7d5b35d826240fdd9e05f69f06b0bd18e3495adc3b4fc2a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-08_09868673f2d35673c3163e5a89ed7ca2_cryptolocker
Size

34KB
Sample

240408-rr1x1aef3y
MD5

09868673f2d35673c3163e5a89ed7ca2
SHA1

e35fdbc26e2f811af95cfa86542fd1f1b9029845
SHA256

9d15b1c8b665484b7d5b35d826240fdd9e05f69f06b0bd18e3495adc3b4fc2a1
SHA512

6978c4c3b90101fde8d75dfdd9821095ea4b97aec1d3b101780a5f10353440dccf89130a0965b4b91f8eacddcfc1b6bb5b36189fbaa01754e36ed647b848a8cc
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6c3l8Sz9VvV6prcz0Vy:bAvJCYOOvbRPDEgXRc3SSzoVgiy

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-08_09868673f2d35673c3163e5a89ed7ca2_cryptolocker
- Size
  
  34KB
- MD5
  
  09868673f2d35673c3163e5a89ed7ca2
- SHA1
  
  e35fdbc26e2f811af95cfa86542fd1f1b9029845
- SHA256
  
  9d15b1c8b665484b7d5b35d826240fdd9e05f69f06b0bd18e3495adc3b4fc2a1
- SHA512
  
  6978c4c3b90101fde8d75dfdd9821095ea4b97aec1d3b101780a5f10353440dccf89130a0965b4b91f8eacddcfc1b6bb5b36189fbaa01754e36ed647b848a8cc
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6c3l8Sz9VvV6prcz0Vy:bAvJCYOOvbRPDEgXRc3SSzoVgiy
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2