09b5964824474d85c8d05decfc2e4594b2c7c4ce8455380b2d56cf90ee6ca98b | Triage

Sharing

General

Target

2024-04-10_7818f6429bf42ee8c168d4d7bce377ef_cryptolocker
Size

39KB
Sample

240410-1gfnrafb31
MD5

7818f6429bf42ee8c168d4d7bce377ef
SHA1

3eb89c0416e1f731b5daa356a72bbff2ea503807
SHA256

09b5964824474d85c8d05decfc2e4594b2c7c4ce8455380b2d56cf90ee6ca98b
SHA512

34334c63e15ffe1d28eeffe6b2a0dcc44c95e5e13040f40e1a03a94bf3d7b6c4266e8a698cfd3b53b41c7046dcfcedffaab6654b0ce6619734eb65782313e1bc
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3Nby6UTq:bAvJCYOOvbRPDEgXrNekd7l94i3py/Tq

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-10_7818f6429bf42ee8c168d4d7bce377ef_cryptolocker
- Size
  
  39KB
- MD5
  
  7818f6429bf42ee8c168d4d7bce377ef
- SHA1
  
  3eb89c0416e1f731b5daa356a72bbff2ea503807
- SHA256
  
  09b5964824474d85c8d05decfc2e4594b2c7c4ce8455380b2d56cf90ee6ca98b
- SHA512
  
  34334c63e15ffe1d28eeffe6b2a0dcc44c95e5e13040f40e1a03a94bf3d7b6c4266e8a698cfd3b53b41c7046dcfcedffaab6654b0ce6619734eb65782313e1bc
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3Nby6UTq:bAvJCYOOvbRPDEgXrNekd7l94i3py/Tq
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2