04ffb3aa8836eb0034544242558ba6d76659e5254d30a67ca5586f6f4e87128b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-24_c8567fa47abdca408770ac489ed72435_cryptolocker
Size

33KB
Sample

240424-ykws2agd55
MD5

c8567fa47abdca408770ac489ed72435
SHA1

5bd4f978acf20383072f764187e62555da56c045
SHA256

04ffb3aa8836eb0034544242558ba6d76659e5254d30a67ca5586f6f4e87128b
SHA512

d80d072b024f94f3a40f229c087984d7f254ce9ba176e5b323d8f16f5bf3542c5be24e6847eff481272d165ded01f8a8b6dddf17ed451f76e4ab6435bc9196da
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5PpKp:bxNrC7kYo1Fxf2rY1C

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-24_c8567fa47abdca408770ac489ed72435_cryptolocker
- Size
  
  33KB
- MD5
  
  c8567fa47abdca408770ac489ed72435
- SHA1
  
  5bd4f978acf20383072f764187e62555da56c045
- SHA256
  
  04ffb3aa8836eb0034544242558ba6d76659e5254d30a67ca5586f6f4e87128b
- SHA512
  
  d80d072b024f94f3a40f229c087984d7f254ce9ba176e5b323d8f16f5bf3542c5be24e6847eff481272d165ded01f8a8b6dddf17ed451f76e4ab6435bc9196da
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5PpKp:bxNrC7kYo1Fxf2rY1C
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2