966fea44fe1e8994c36f5c1415a2619f5524f21b687397c4b920f380eeedb54d | Triage

Sharing

General

Target

2024-05-04_86c235b66d9b2482e13a0a2da7d046f2_cryptolocker
Size

54KB
Sample

240504-ferb9ade6z
MD5

86c235b66d9b2482e13a0a2da7d046f2
SHA1

00e6d08840cdb2b776e5d4cb0f16a7ab136ccfdb
SHA256

966fea44fe1e8994c36f5c1415a2619f5524f21b687397c4b920f380eeedb54d
SHA512

11dc76e04dc7550343add9199de011ce076fb066664147ed1f1d7f3299a9f2a198d8457f9653faa2621c07109c0ad117c6278d69c259d8a9dd2f313068419151
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdO5Uoj:ZVxkGOtEvwDpjcZ

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-04_86c235b66d9b2482e13a0a2da7d046f2_cryptolocker
- Size
  
  54KB
- MD5
  
  86c235b66d9b2482e13a0a2da7d046f2
- SHA1
  
  00e6d08840cdb2b776e5d4cb0f16a7ab136ccfdb
- SHA256
  
  966fea44fe1e8994c36f5c1415a2619f5524f21b687397c4b920f380eeedb54d
- SHA512
  
  11dc76e04dc7550343add9199de011ce076fb066664147ed1f1d7f3299a9f2a198d8457f9653faa2621c07109c0ad117c6278d69c259d8a9dd2f313068419151
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdO5Uoj:ZVxkGOtEvwDpjcZ
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2