f6346c569bca2fbbb267064ba1b3db4b8e4f4d4ccc8d5b9730539e3d425f83de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-27_baf236a1e1ffaa108b44a91ea59e1a54_cryptolocker
Size

34KB
Sample

240527-vcvn8aaf5y
MD5

baf236a1e1ffaa108b44a91ea59e1a54
SHA1

797d6dbfb4963d53be14174c9efb4fcfbd4a5df1
SHA256

f6346c569bca2fbbb267064ba1b3db4b8e4f4d4ccc8d5b9730539e3d425f83de
SHA512

29cf7a6698fab3716dd6ddde326d3cfae54c4b16225caf1aa761f84a2b0bc1b600892b5c40f4a53c9abf7deb962fca1185048058652c1e8bee35fa0bb3292272
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5F:bxNrC7kYo1Fxf2rY5

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-27_baf236a1e1ffaa108b44a91ea59e1a54_cryptolocker
- Size
  
  34KB
- MD5
  
  baf236a1e1ffaa108b44a91ea59e1a54
- SHA1
  
  797d6dbfb4963d53be14174c9efb4fcfbd4a5df1
- SHA256
  
  f6346c569bca2fbbb267064ba1b3db4b8e4f4d4ccc8d5b9730539e3d425f83de
- SHA512
  
  29cf7a6698fab3716dd6ddde326d3cfae54c4b16225caf1aa761f84a2b0bc1b600892b5c40f4a53c9abf7deb962fca1185048058652c1e8bee35fa0bb3292272
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5F:bxNrC7kYo1Fxf2rY5
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2