d0fde19b615ecaac877771b68a7f43899d1e46d3321bc58593709492120e218b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-23_42b0e8fdd699cb8d0b1ad367ae488466_cryptolocker
Size

37KB
Sample

240523-3d8apsdc28
MD5

42b0e8fdd699cb8d0b1ad367ae488466
SHA1

db8d92600f4815eb6cde9eb0ec199edfc0020c40
SHA256

d0fde19b615ecaac877771b68a7f43899d1e46d3321bc58593709492120e218b
SHA512

a9d7570cf313a776f79f5bc97504d69ca0dc0c89a2d48583c86de37b4d7884b80dd0fa028eba72f548e0c95988d685fd3f545ae086ed1c2f99035690695bdd64
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qAgmEzXKxA+uspNCl:bAvJCYOOvbRPDEgXRc+BAILYfED

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-23_42b0e8fdd699cb8d0b1ad367ae488466_cryptolocker
- Size
  
  37KB
- MD5
  
  42b0e8fdd699cb8d0b1ad367ae488466
- SHA1
  
  db8d92600f4815eb6cde9eb0ec199edfc0020c40
- SHA256
  
  d0fde19b615ecaac877771b68a7f43899d1e46d3321bc58593709492120e218b
- SHA512
  
  a9d7570cf313a776f79f5bc97504d69ca0dc0c89a2d48583c86de37b4d7884b80dd0fa028eba72f548e0c95988d685fd3f545ae086ed1c2f99035690695bdd64
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qAgmEzXKxA+uspNCl:bAvJCYOOvbRPDEgXRc+BAILYfED
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2