17083af6aed743dabd575d165361a615b42e4fa2db47f166a36fcc2c99d5ad92 | Triage

Sharing

General

Target

2024-04-10_0142bcaeb26be5f75787a448a737b757_cryptolocker
Size

38KB
Sample

240410-cweg8sfc4z
MD5

0142bcaeb26be5f75787a448a737b757
SHA1

ff29b818331829659e2e0e364b8f4fd36d15b310
SHA256

17083af6aed743dabd575d165361a615b42e4fa2db47f166a36fcc2c99d5ad92
SHA512

d8e8e82456aa44f164da3f1530382ec41654f528ea15f7b10c7369bf99534de5577093dded4c350da64a838164bb2a74e1522d58470776bedade52cccce8af05
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenU/:ZzFbxmLPWQMOtEvwDpjLeK

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-10_0142bcaeb26be5f75787a448a737b757_cryptolocker
- Size
  
  38KB
- MD5
  
  0142bcaeb26be5f75787a448a737b757
- SHA1
  
  ff29b818331829659e2e0e364b8f4fd36d15b310
- SHA256
  
  17083af6aed743dabd575d165361a615b42e4fa2db47f166a36fcc2c99d5ad92
- SHA512
  
  d8e8e82456aa44f164da3f1530382ec41654f528ea15f7b10c7369bf99534de5577093dded4c350da64a838164bb2a74e1522d58470776bedade52cccce8af05
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenU/:ZzFbxmLPWQMOtEvwDpjLeK
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2