1fa71d9a1db2b7769c0b88c344c6fccb90bd181cdaed94f64dc645fab27c529d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-18_132cb439f7e6c7c3c2398ebacf24e44b_cryptolocker
Size

33KB
Sample

240418-e3vh5scc7s
MD5

132cb439f7e6c7c3c2398ebacf24e44b
SHA1

900ed5b493b173ab99c2cf45e7e68a575cec6912
SHA256

1fa71d9a1db2b7769c0b88c344c6fccb90bd181cdaed94f64dc645fab27c529d
SHA512

331e1bd99978a092af01eddee97abdfbf085c08d4eec68056c795a74857786532907351ae7d39cc85100a63874321e57610e7cdcf918733f3ab15d1f1c51de18
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Ptp:bxNrC7kYo1Fxf2rYBp

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-18_132cb439f7e6c7c3c2398ebacf24e44b_cryptolocker
- Size
  
  33KB
- MD5
  
  132cb439f7e6c7c3c2398ebacf24e44b
- SHA1
  
  900ed5b493b173ab99c2cf45e7e68a575cec6912
- SHA256
  
  1fa71d9a1db2b7769c0b88c344c6fccb90bd181cdaed94f64dc645fab27c529d
- SHA512
  
  331e1bd99978a092af01eddee97abdfbf085c08d4eec68056c795a74857786532907351ae7d39cc85100a63874321e57610e7cdcf918733f3ab15d1f1c51de18
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Ptp:bxNrC7kYo1Fxf2rYBp
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2