4d3aca4f3263a315fef0946b598af02494fa224b67ce2f729b29fbbc19daae6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-11_13b97418d5b5fbed583f143ce5ecb918_cryptolocker
Size

32KB
Sample

240411-kcqp6aag4t
MD5

13b97418d5b5fbed583f143ce5ecb918
SHA1

ca2839f7cd63d75a40e6ccf27172ba73869f4566
SHA256

4d3aca4f3263a315fef0946b598af02494fa224b67ce2f729b29fbbc19daae6f
SHA512

38038d1eeebafc15502b335321757d740688d5f5c898b97e149ab63fa8dfc74212e977ac743afb994db0af71634327f08e050db7bebce09c73b36ee31b3bdeb4
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5d:bxNrC7kYo1Fxf2rYx

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-11_13b97418d5b5fbed583f143ce5ecb918_cryptolocker
- Size
  
  32KB
- MD5
  
  13b97418d5b5fbed583f143ce5ecb918
- SHA1
  
  ca2839f7cd63d75a40e6ccf27172ba73869f4566
- SHA256
  
  4d3aca4f3263a315fef0946b598af02494fa224b67ce2f729b29fbbc19daae6f
- SHA512
  
  38038d1eeebafc15502b335321757d740688d5f5c898b97e149ab63fa8dfc74212e977ac743afb994db0af71634327f08e050db7bebce09c73b36ee31b3bdeb4
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5d:bxNrC7kYo1Fxf2rYx
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2