6ce414d24bb5409a7779824044a7599bed9d294df9d3d43edc25902b6efe9fe1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-11_b175a310c786b0390d0047e7a87c8346_cryptolocker
Size

34KB
Sample

240511-hc4wnsah4s
MD5

b175a310c786b0390d0047e7a87c8346
SHA1

07103c53cc5d900b19e49619379e7b04b968b8a0
SHA256

6ce414d24bb5409a7779824044a7599bed9d294df9d3d43edc25902b6efe9fe1
SHA512

7a07e7d632316cd5a38c8d7a48de6371d4d4919e7c138a1513d030a878e7c4502f4eef893e6ff84a1b0bdbd389ac5f07abe445cc92f1ed116f88a2b7e93002af
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M4y6:bxNrC7kYo1Fxf2rYA76

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-11_b175a310c786b0390d0047e7a87c8346_cryptolocker
- Size
  
  34KB
- MD5
  
  b175a310c786b0390d0047e7a87c8346
- SHA1
  
  07103c53cc5d900b19e49619379e7b04b968b8a0
- SHA256
  
  6ce414d24bb5409a7779824044a7599bed9d294df9d3d43edc25902b6efe9fe1
- SHA512
  
  7a07e7d632316cd5a38c8d7a48de6371d4d4919e7c138a1513d030a878e7c4502f4eef893e6ff84a1b0bdbd389ac5f07abe445cc92f1ed116f88a2b7e93002af
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M4y6:bxNrC7kYo1Fxf2rYA76
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2