154161da76a59e83fcd8bdd1e67d6fc0dda9427df039f2e6af7b898294bf7287 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-30_f0986d6c3c2f0afa6705887338ea2fe6_cryptolocker
Size

30KB
Sample

240530-kjrwssda76
MD5

f0986d6c3c2f0afa6705887338ea2fe6
SHA1

fd7addd0c2a341428e8f3c0bbe54a17cc8b4bd67
SHA256

154161da76a59e83fcd8bdd1e67d6fc0dda9427df039f2e6af7b898294bf7287
SHA512

c6b307be178d0baf50e2ac55784030e1b131517dbe9fe727e49c14b5157ad2ef3fc15f06f5d0c83de397e841c6aaf8afe5b35673c64dbb970877c0f040516e03
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3vdo:bAvJCYOOvbRPDEgXRcJ2

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-30_f0986d6c3c2f0afa6705887338ea2fe6_cryptolocker
- Size
  
  30KB
- MD5
  
  f0986d6c3c2f0afa6705887338ea2fe6
- SHA1
  
  fd7addd0c2a341428e8f3c0bbe54a17cc8b4bd67
- SHA256
  
  154161da76a59e83fcd8bdd1e67d6fc0dda9427df039f2e6af7b898294bf7287
- SHA512
  
  c6b307be178d0baf50e2ac55784030e1b131517dbe9fe727e49c14b5157ad2ef3fc15f06f5d0c83de397e841c6aaf8afe5b35673c64dbb970877c0f040516e03
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3vdo:bAvJCYOOvbRPDEgXRcJ2
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2