653c06ec38d8cd07a11146585c79902ac4795a6bd847e9219f0b6e2bea479ced | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-19_11b9b03929dfffcaff436ecd2230e67a_cryptolocker
Size

34KB
Sample

240419-lcgypaee4v
MD5

11b9b03929dfffcaff436ecd2230e67a
SHA1

1716f7d4ac881a699dee57ff99bf53818fba1ff8
SHA256

653c06ec38d8cd07a11146585c79902ac4795a6bd847e9219f0b6e2bea479ced
SHA512

3550e68c9da19c5f0da9a3e0a3e16091fb6cbc0a8739df7b42d331a070f650257f6ab5191aebd122e5980ef79adcb5937eb51126f989d8c9656e5cfe26e8b2fd
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2B0qEx:btB9g/WItCSsAGjX7r3BTG

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-19_11b9b03929dfffcaff436ecd2230e67a_cryptolocker
- Size
  
  34KB
- MD5
  
  11b9b03929dfffcaff436ecd2230e67a
- SHA1
  
  1716f7d4ac881a699dee57ff99bf53818fba1ff8
- SHA256
  
  653c06ec38d8cd07a11146585c79902ac4795a6bd847e9219f0b6e2bea479ced
- SHA512
  
  3550e68c9da19c5f0da9a3e0a3e16091fb6cbc0a8739df7b42d331a070f650257f6ab5191aebd122e5980ef79adcb5937eb51126f989d8c9656e5cfe26e8b2fd
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2B0qEx:btB9g/WItCSsAGjX7r3BTG
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2