fa190875895a3bdca1bcb1ccb4115229677d19fbc733483e2caae4d53605d151 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-27_6b9a591e3d2a8b8f54e4b5c28f3516d8_cryptolocker
Size

33KB
Sample

240427-g9jfkadf7v
MD5

6b9a591e3d2a8b8f54e4b5c28f3516d8
SHA1

7dc123432b0e09d208a68a82664e1a44e2612d55
SHA256

fa190875895a3bdca1bcb1ccb4115229677d19fbc733483e2caae4d53605d151
SHA512

869777b23102e1f9e6316e8baf6d648c5822c23bc269c8ff5c29e1b2894084ca89f3b2fd6ece0f16e81065fb1e608fe68dc578ffc3dd694c401c3b28c8fa3973
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5E:bxNrC7kYo1Fxf2rYY

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-27_6b9a591e3d2a8b8f54e4b5c28f3516d8_cryptolocker
- Size
  
  33KB
- MD5
  
  6b9a591e3d2a8b8f54e4b5c28f3516d8
- SHA1
  
  7dc123432b0e09d208a68a82664e1a44e2612d55
- SHA256
  
  fa190875895a3bdca1bcb1ccb4115229677d19fbc733483e2caae4d53605d151
- SHA512
  
  869777b23102e1f9e6316e8baf6d648c5822c23bc269c8ff5c29e1b2894084ca89f3b2fd6ece0f16e81065fb1e608fe68dc578ffc3dd694c401c3b28c8fa3973
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5E:bxNrC7kYo1Fxf2rYY
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2