6bbec34b3d22f181bb079089953378b45cd5e911cb7d35763ea9c759e43536ca | Triage

Sharing

General

Target

2024-05-22_08304fe7b47ca283648fd0babcdbb828_cryptolocker
Size

40KB
Sample

240522-ctw99shc63
MD5

08304fe7b47ca283648fd0babcdbb828
SHA1

e0109739e6917762ad2a1fdcd653be40a7b18b3e
SHA256

6bbec34b3d22f181bb079089953378b45cd5e911cb7d35763ea9c759e43536ca
SHA512

b77ade223e0eeed1d65965f332b1659630cc904025b5eb3c8480ad8f90b8131b6eefbd5a83406e9d12e149ed9876f99358450a5d53872e4b21fcfede1a3e309b
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLeJAsKuDky:ZzFbxmLPWQMOtEvwDpjLeJAsKcV

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-22_08304fe7b47ca283648fd0babcdbb828_cryptolocker
- Size
  
  40KB
- MD5
  
  08304fe7b47ca283648fd0babcdbb828
- SHA1
  
  e0109739e6917762ad2a1fdcd653be40a7b18b3e
- SHA256
  
  6bbec34b3d22f181bb079089953378b45cd5e911cb7d35763ea9c759e43536ca
- SHA512
  
  b77ade223e0eeed1d65965f332b1659630cc904025b5eb3c8480ad8f90b8131b6eefbd5a83406e9d12e149ed9876f99358450a5d53872e4b21fcfede1a3e309b
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLeJAsKuDky:ZzFbxmLPWQMOtEvwDpjLeJAsKcV
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2