879eb4f13a77f360357b7e271028bd5e576f96f851f8b107ed9705d68dd9ef43 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-30_e13880719469ea7cfecf66615e2d28ea_cryptolocker
Size

37KB
Sample

240530-x8yf4aaa26
MD5

e13880719469ea7cfecf66615e2d28ea
SHA1

f83652b2aeb304bc1e31674728f2d93dec7891b6
SHA256

879eb4f13a77f360357b7e271028bd5e576f96f851f8b107ed9705d68dd9ef43
SHA512

47df545ac26dae3e675f6fb2ae0a51c6a7c4ca182d25d5e914471509d60cb01ed0e72a5e3b9fa1244fea05a27300cad45adbb234a0eec4e73e37605a3d61c2f4
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIac:bAvJCF+RQgJeab4sbW

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-30_e13880719469ea7cfecf66615e2d28ea_cryptolocker
- Size
  
  37KB
- MD5
  
  e13880719469ea7cfecf66615e2d28ea
- SHA1
  
  f83652b2aeb304bc1e31674728f2d93dec7891b6
- SHA256
  
  879eb4f13a77f360357b7e271028bd5e576f96f851f8b107ed9705d68dd9ef43
- SHA512
  
  47df545ac26dae3e675f6fb2ae0a51c6a7c4ca182d25d5e914471509d60cb01ed0e72a5e3b9fa1244fea05a27300cad45adbb234a0eec4e73e37605a3d61c2f4
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIac:bAvJCF+RQgJeab4sbW
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2