db5358fe13d8c53264e936eae06203317618508754fdedb9eb9828fb17c2e342 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-01_210f2687f624c369261bf2615e58324b_cryptolocker
Size

35KB
Sample

240501-st3p2saa5z
MD5

210f2687f624c369261bf2615e58324b
SHA1

8b7b1ff0e1ab33228ea1d16316d12bf9820b6041
SHA256

db5358fe13d8c53264e936eae06203317618508754fdedb9eb9828fb17c2e342
SHA512

26b85b2e3cee15fbc354f353c1f581b1cc06ba6635e435129ffe1b058d3606485467694fcc958159dc1b0172fbb3ffb52dbd3f9b09e8e6ee3ee74774bff4d912
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM9gxrO7:bAvJCYOOvbRPDEgXRcuM9gxi7

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-01_210f2687f624c369261bf2615e58324b_cryptolocker
- Size
  
  35KB
- MD5
  
  210f2687f624c369261bf2615e58324b
- SHA1
  
  8b7b1ff0e1ab33228ea1d16316d12bf9820b6041
- SHA256
  
  db5358fe13d8c53264e936eae06203317618508754fdedb9eb9828fb17c2e342
- SHA512
  
  26b85b2e3cee15fbc354f353c1f581b1cc06ba6635e435129ffe1b058d3606485467694fcc958159dc1b0172fbb3ffb52dbd3f9b09e8e6ee3ee74774bff4d912
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM9gxrO7:bAvJCYOOvbRPDEgXRcuM9gxi7
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2