8098487e409bd0bf5547f597b15a10357018c2b31893bbbfdf772274a781b48a | Triage

Sharing

General

Target

2024-05-01_9daa3f0f1116180696ecd94ec5dd5822_cryptolocker
Size

76KB
Sample

240501-f7gcrabc86
MD5

9daa3f0f1116180696ecd94ec5dd5822
SHA1

62f7a56cee36bf2c99009ec8d86c10d2a0720471
SHA256

8098487e409bd0bf5547f597b15a10357018c2b31893bbbfdf772274a781b48a
SHA512

39284fa4728e8054012d67d166e1fe28e80a7f963e2dc54fc33b4ad0dc6f6ca8bbc2863d62e8ac239f4061cb5785c159db36e26493ba6c7e8d442f7f27297e8a
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KU0:ZVxkGOtEvwDpjcaA

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-01_9daa3f0f1116180696ecd94ec5dd5822_cryptolocker
- Size
  
  76KB
- MD5
  
  9daa3f0f1116180696ecd94ec5dd5822
- SHA1
  
  62f7a56cee36bf2c99009ec8d86c10d2a0720471
- SHA256
  
  8098487e409bd0bf5547f597b15a10357018c2b31893bbbfdf772274a781b48a
- SHA512
  
  39284fa4728e8054012d67d166e1fe28e80a7f963e2dc54fc33b4ad0dc6f6ca8bbc2863d62e8ac239f4061cb5785c159db36e26493ba6c7e8d442f7f27297e8a
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KU0:ZVxkGOtEvwDpjcaA
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2