7d8cccf8f6161e561fb5a0b31381dd45274289acb4f8858c05d4a36c16a92fc1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-11_4f54a4bf695b7ca587d081b79b65b4e9_cryptolocker
Size

40KB
Sample

240511-1axnpacf57
MD5

4f54a4bf695b7ca587d081b79b65b4e9
SHA1

55643e807e8427dad045ce29c9d1aa9c266f2bbe
SHA256

7d8cccf8f6161e561fb5a0b31381dd45274289acb4f8858c05d4a36c16a92fc1
SHA512

42fe5e1c57d74350c91212f9de04dfae1855bbe1f965d645e84f0b3aec0b897b26b9373dcaa3228ecc3086665e1f044fc62d8d96dc90c6bdfa1f8590ccc9d76f
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLeJAsKuDk+n:ZzFbxmLPWQMOtEvwDpjLeJAsKcH

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-11_4f54a4bf695b7ca587d081b79b65b4e9_cryptolocker
- Size
  
  40KB
- MD5
  
  4f54a4bf695b7ca587d081b79b65b4e9
- SHA1
  
  55643e807e8427dad045ce29c9d1aa9c266f2bbe
- SHA256
  
  7d8cccf8f6161e561fb5a0b31381dd45274289acb4f8858c05d4a36c16a92fc1
- SHA512
  
  42fe5e1c57d74350c91212f9de04dfae1855bbe1f965d645e84f0b3aec0b897b26b9373dcaa3228ecc3086665e1f044fc62d8d96dc90c6bdfa1f8590ccc9d76f
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLeJAsKuDk+n:ZzFbxmLPWQMOtEvwDpjLeJAsKcH
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2