25b86f94854465872a6ad6334fcbe03a9b4bc8539f11a9e1301224b83c714b50 | Triage

Sharing

General

Target

2024-04-20_a441650dfde13ea8d58d9f8332f67c2a_cryptolocker
Size

31KB
Sample

240420-gkpahsab38
MD5

a441650dfde13ea8d58d9f8332f67c2a
SHA1

42cfd464f5723946fa7689ddd5d9c80795cd1d28
SHA256

25b86f94854465872a6ad6334fcbe03a9b4bc8539f11a9e1301224b83c714b50
SHA512

13011b39ae8c79f271d805c2640068006fb9f2c68493f6b27f3d43c02547bd61c44c1da6b53efcd5a88e96c5f88b3f455d6947580fe1ce8acd3a444b96e57b5f
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qXpeh9dHO/oN0S:bAvJCYOOvbRPDEgXRc+BXpadD

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-20_a441650dfde13ea8d58d9f8332f67c2a_cryptolocker
- Size
  
  31KB
- MD5
  
  a441650dfde13ea8d58d9f8332f67c2a
- SHA1
  
  42cfd464f5723946fa7689ddd5d9c80795cd1d28
- SHA256
  
  25b86f94854465872a6ad6334fcbe03a9b4bc8539f11a9e1301224b83c714b50
- SHA512
  
  13011b39ae8c79f271d805c2640068006fb9f2c68493f6b27f3d43c02547bd61c44c1da6b53efcd5a88e96c5f88b3f455d6947580fe1ce8acd3a444b96e57b5f
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qXpeh9dHO/oN0S:bAvJCYOOvbRPDEgXRc+BXpadD
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2