7db9963fe14cc087ec3a1b947ef3432ce27fb661158d56d6b47d01f81852aafe | Triage

Sharing

General

Target

2024-04-21_4ae845eba6127ee926c216635fd0670f_cryptolocker
Size

33KB
Sample

240421-edf98aae71
MD5

4ae845eba6127ee926c216635fd0670f
SHA1

35c46c325bee230681ecb1602e126eb889d2df3d
SHA256

7db9963fe14cc087ec3a1b947ef3432ce27fb661158d56d6b47d01f81852aafe
SHA512

a7009b2d7dde7dedb6c29b362e13416d851612f33fd2cfd977753e52c393902466b27c63cbcb32b0927d95990e2a41270f3acbe5f1a2d2e1434c61d3f91d6adf
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Pp+:bxNrC7kYo1Fxf2rY1+

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-21_4ae845eba6127ee926c216635fd0670f_cryptolocker
- Size
  
  33KB
- MD5
  
  4ae845eba6127ee926c216635fd0670f
- SHA1
  
  35c46c325bee230681ecb1602e126eb889d2df3d
- SHA256
  
  7db9963fe14cc087ec3a1b947ef3432ce27fb661158d56d6b47d01f81852aafe
- SHA512
  
  a7009b2d7dde7dedb6c29b362e13416d851612f33fd2cfd977753e52c393902466b27c63cbcb32b0927d95990e2a41270f3acbe5f1a2d2e1434c61d3f91d6adf
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Pp+:bxNrC7kYo1Fxf2rY1+
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2