701c5606465b8cc1e3850b8e75d153b245c6cea388a8e272d4ece4f1ca1f67f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-10_28fa82810f6e76b36c5ad704f5930c9f_cryptolocker
Size

37KB
Sample

240410-nk52lahb5x
MD5

28fa82810f6e76b36c5ad704f5930c9f
SHA1

8273576eba81623c91c27b85e80beb52a95c360d
SHA256

701c5606465b8cc1e3850b8e75d153b245c6cea388a8e272d4ece4f1ca1f67f4
SHA512

5abeaa88ab390b3b54b2766cec31740c1f6d2da9edad20e52970f656337806e83441f6d49090d13da3ea9a6cc9f29d5da4ab7a946e039c734daf8dc78c383137
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2BodcAOjbQ36ttTT:btB9g/WItCSsAGjX7r3BGubmv8

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-10_28fa82810f6e76b36c5ad704f5930c9f_cryptolocker
- Size
  
  37KB
- MD5
  
  28fa82810f6e76b36c5ad704f5930c9f
- SHA1
  
  8273576eba81623c91c27b85e80beb52a95c360d
- SHA256
  
  701c5606465b8cc1e3850b8e75d153b245c6cea388a8e272d4ece4f1ca1f67f4
- SHA512
  
  5abeaa88ab390b3b54b2766cec31740c1f6d2da9edad20e52970f656337806e83441f6d49090d13da3ea9a6cc9f29d5da4ab7a946e039c734daf8dc78c383137
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2BodcAOjbQ36ttTT:btB9g/WItCSsAGjX7r3BGubmv8
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2