b16fe0f6880b0b7e06f909e5f0362ffe09118713a4abe1581b736fbfde358005 | Triage

Sharing

General

Target

2024-05-10_9b3af18b70ca363c56c85b96df68b802_cryptolocker
Size

32KB
Sample

240510-v2kkjsca83
MD5

9b3af18b70ca363c56c85b96df68b802
SHA1

7c9f724f8a4d62ef8e6c12f020fec9d8a13144e9
SHA256

b16fe0f6880b0b7e06f909e5f0362ffe09118713a4abe1581b736fbfde358005
SHA512

716b9fcbae4a382f66427f96cc84009c5f2318fe8ba098a193eecd90750487e8df5f9ea9f6896f84894c18aa46427625e22f7ed338b9d5bb89cb695646ef1a5a
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5j9:bxNrC7kYo1Fxf2rYP9

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-10_9b3af18b70ca363c56c85b96df68b802_cryptolocker
- Size
  
  32KB
- MD5
  
  9b3af18b70ca363c56c85b96df68b802
- SHA1
  
  7c9f724f8a4d62ef8e6c12f020fec9d8a13144e9
- SHA256
  
  b16fe0f6880b0b7e06f909e5f0362ffe09118713a4abe1581b736fbfde358005
- SHA512
  
  716b9fcbae4a382f66427f96cc84009c5f2318fe8ba098a193eecd90750487e8df5f9ea9f6896f84894c18aa46427625e22f7ed338b9d5bb89cb695646ef1a5a
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5j9:bxNrC7kYo1Fxf2rYP9
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2