73e953a9d310714d21150ae41857e40a1d6c2a253b8625f50e7efaf319829b4b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-19_e6a4da5de8b59cb8b6b522573a5f4ddf_cryptolocker
Size

33KB
Sample

240419-e85w3aaa7t
MD5

e6a4da5de8b59cb8b6b522573a5f4ddf
SHA1

fee44afb532f577cf3ef80fe81af56f85f2abcd0
SHA256

73e953a9d310714d21150ae41857e40a1d6c2a253b8625f50e7efaf319829b4b
SHA512

9636a3f73c29837aaeb0648e18a1420b93e55812966fc13e132f8233ac41325d5cd39a6725974fcec9694eda191b4815590cd7ef0e949a1edd9612ecc4e8b31e
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Pti:bxNrC7kYo1Fxf2rYBi

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-19_e6a4da5de8b59cb8b6b522573a5f4ddf_cryptolocker
- Size
  
  33KB
- MD5
  
  e6a4da5de8b59cb8b6b522573a5f4ddf
- SHA1
  
  fee44afb532f577cf3ef80fe81af56f85f2abcd0
- SHA256
  
  73e953a9d310714d21150ae41857e40a1d6c2a253b8625f50e7efaf319829b4b
- SHA512
  
  9636a3f73c29837aaeb0648e18a1420b93e55812966fc13e132f8233ac41325d5cd39a6725974fcec9694eda191b4815590cd7ef0e949a1edd9612ecc4e8b31e
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Pti:bxNrC7kYo1Fxf2rYBi
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2