bde07b6acf3efbc1854976b5a54401efacd8ceb2a414c7b8547859e8c87fd050 | Triage

Sharing

General

Target

2024-05-12_d93f10acc1f50f66fdbe0765adaa431d_cryptolocker
Size

33KB
Sample

240512-fk5f3ach87
MD5

d93f10acc1f50f66fdbe0765adaa431d
SHA1

4d33c1e395c3bc431df1b3b32dec581fc0be09ac
SHA256

bde07b6acf3efbc1854976b5a54401efacd8ceb2a414c7b8547859e8c87fd050
SHA512

d60eaf61ca15732f3a51481f25d603dc7a705b03468d47b09ac1221f62deb010eb3ab523fc0d6e2fcf94004a59e10ea4e6544234e33e33a75fa46c04a1d5c429
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7yB:bAvJCYOOvbRPDEgXRcJG

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-12_d93f10acc1f50f66fdbe0765adaa431d_cryptolocker
- Size
  
  33KB
- MD5
  
  d93f10acc1f50f66fdbe0765adaa431d
- SHA1
  
  4d33c1e395c3bc431df1b3b32dec581fc0be09ac
- SHA256
  
  bde07b6acf3efbc1854976b5a54401efacd8ceb2a414c7b8547859e8c87fd050
- SHA512
  
  d60eaf61ca15732f3a51481f25d603dc7a705b03468d47b09ac1221f62deb010eb3ab523fc0d6e2fcf94004a59e10ea4e6544234e33e33a75fa46c04a1d5c429
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7yB:bAvJCYOOvbRPDEgXRcJG
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2