bfef30c36f49ce4ddd80ff387adebc3a0e4bac4c9ff2b496b08c8bc8ca738476 | Triage

Submit
Reports

Overview

overview

Static

static

2024-04-27...er.exe

windows7-x64

9

2024-04-27...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-04-27_0c31db75f9f138f8c9e14f9d6d0adec6_cryptolocker
Size

42KB
Sample

240427-2axjcshh22
MD5

0c31db75f9f138f8c9e14f9d6d0adec6
SHA1

e182c00de0c7096881b4ce96c77103fc12c84dfe
SHA256

bfef30c36f49ce4ddd80ff387adebc3a0e4bac4c9ff2b496b08c8bc8ca738476
SHA512

b5a5602be5be7bf0dd348d9ba92b925534a69fe320d8354c9f1b81a95ab3e4ff9237ecda416d978a8c7600440915a538aa164ee48c7c7fe6bc3ff0ab87de5d34
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaD3TP7DFHuRcD9m:X6QFElP6n+gJQMOtEvwDpjBmzDkWDA

Score

10^/10

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-04-27_0c31db75f9f138f8c9e14f9d6d0adec6_cryptolocker.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-27_0c31db75f9f138f8c9e14f9d6d0adec6_cryptolocker.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-27_0c31db75f9f138f8c9e14f9d6d0adec6_cryptolocker
- Size
  
  42KB
- MD5
  
  0c31db75f9f138f8c9e14f9d6d0adec6
- SHA1
  
  e182c00de0c7096881b4ce96c77103fc12c84dfe
- SHA256
  
  bfef30c36f49ce4ddd80ff387adebc3a0e4bac4c9ff2b496b08c8bc8ca738476
- SHA512
  
  b5a5602be5be7bf0dd348d9ba92b925534a69fe320d8354c9f1b81a95ab3e4ff9237ecda416d978a8c7600440915a538aa164ee48c7c7fe6bc3ff0ab87de5d34
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaD3TP7DFHuRcD9m:X6QFElP6n+gJQMOtEvwDpjBmzDkWDA
Score

9^/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy