da9306233d0368a86e318011a4b7ab254e707d5daf145f749b95450ad899892c | Triage

Sharing

General

Target

2024-05-10_cdcb69318a1db2a9c467f9f19723a7ca_cryptolocker
Size

40KB
Sample

240510-a7q93aha7t
MD5

cdcb69318a1db2a9c467f9f19723a7ca
SHA1

47637910518894292cba4068d232f461138e41c8
SHA256

da9306233d0368a86e318011a4b7ab254e707d5daf145f749b95450ad899892c
SHA512

de7483d23d1d9c10ca25ad792f260a19d47ff9d991048d2c92c13f21dcfc5b583cb3648a39416fbef8c7709368532b310654780420efe602d5fcf7367d0d5d3f
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLeJAsKuD+L:ZzFbxmLPWQMOtEvwDpjLeJAsKcq

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-10_cdcb69318a1db2a9c467f9f19723a7ca_cryptolocker
- Size
  
  40KB
- MD5
  
  cdcb69318a1db2a9c467f9f19723a7ca
- SHA1
  
  47637910518894292cba4068d232f461138e41c8
- SHA256
  
  da9306233d0368a86e318011a4b7ab254e707d5daf145f749b95450ad899892c
- SHA512
  
  de7483d23d1d9c10ca25ad792f260a19d47ff9d991048d2c92c13f21dcfc5b583cb3648a39416fbef8c7709368532b310654780420efe602d5fcf7367d0d5d3f
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLeJAsKuD+L:ZzFbxmLPWQMOtEvwDpjLeJAsKcq
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2