4dc7aaa819aa5da78bb10ff7cccee2276124fd97fae1943e4a181ac1f9d3c124 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-10_1ff2477913f93beea44c3298a8742930_cryptolocker
Size

42KB
Sample

240510-twfhzaef5x
MD5

1ff2477913f93beea44c3298a8742930
SHA1

56eea0f76cbb268ba343822bd1cc96256b64d013
SHA256

4dc7aaa819aa5da78bb10ff7cccee2276124fd97fae1943e4a181ac1f9d3c124
SHA512

f90b716d4552a928b04f757be963a01ed5dd77e20e77d5d6fe53e998b451f0acf610e5e5ca98c2cceb81eac2747b088cf121e5f99d1489b30733162fc7901d0c
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/JX:bAvJCF+RQgJeab4sy/l5

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-10_1ff2477913f93beea44c3298a8742930_cryptolocker
- Size
  
  42KB
- MD5
  
  1ff2477913f93beea44c3298a8742930
- SHA1
  
  56eea0f76cbb268ba343822bd1cc96256b64d013
- SHA256
  
  4dc7aaa819aa5da78bb10ff7cccee2276124fd97fae1943e4a181ac1f9d3c124
- SHA512
  
  f90b716d4552a928b04f757be963a01ed5dd77e20e77d5d6fe53e998b451f0acf610e5e5ca98c2cceb81eac2747b088cf121e5f99d1489b30733162fc7901d0c
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/JX:bAvJCF+RQgJeab4sy/l5
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2