f1d151d3ea4eb0b8d28c57df7712961237770c80966630bff1643f40a507c075 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-03_e29f11c1da7402bd53880718b31bc7b3_cryptolocker
Size

35KB
Sample

240503-s1elssdb73
MD5

e29f11c1da7402bd53880718b31bc7b3
SHA1

09230b466c4f8865a0007369a64ec8ff2d9d5cf1
SHA256

f1d151d3ea4eb0b8d28c57df7712961237770c80966630bff1643f40a507c075
SHA512

01b1051b657109c62109c35fd7f8aeaa6836ceeab5cadea79a63189d1839a53ec46ca8c520b73ad7f5bbafa34239a6658f3a4b8cf71e1faa399365a48014238b
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM9gxrOQv:bAvJCYOOvbRPDEgXRcuM9gxiW

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-03_e29f11c1da7402bd53880718b31bc7b3_cryptolocker
- Size
  
  35KB
- MD5
  
  e29f11c1da7402bd53880718b31bc7b3
- SHA1
  
  09230b466c4f8865a0007369a64ec8ff2d9d5cf1
- SHA256
  
  f1d151d3ea4eb0b8d28c57df7712961237770c80966630bff1643f40a507c075
- SHA512
  
  01b1051b657109c62109c35fd7f8aeaa6836ceeab5cadea79a63189d1839a53ec46ca8c520b73ad7f5bbafa34239a6658f3a4b8cf71e1faa399365a48014238b
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM9gxrOQv:bAvJCYOOvbRPDEgXRcuM9gxiW
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2