8be29d6ed24f8a7fda06a422370d777a16e38f05b1c743a108e02d1a59423522 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-31_388fb132d222bb914bce3ebfbd6d742f_cryptolocker
Size

35KB
Sample

240531-y8bsrsch97
MD5

388fb132d222bb914bce3ebfbd6d742f
SHA1

d36ffa45dcbcc69416ec908ebb15bd55d5ae5864
SHA256

8be29d6ed24f8a7fda06a422370d777a16e38f05b1c743a108e02d1a59423522
SHA512

3ebc0731d0d3635761e348ef20b02196c799134813872b79d9316b847b8a52b30c897756174e4ef5d4f50a11fe91bbc0f87810b30ce2db934c0bd64cfbfa7563
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5ejvb:bxNrC7kYo1Fxf2rYuT

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-31_388fb132d222bb914bce3ebfbd6d742f_cryptolocker
- Size
  
  35KB
- MD5
  
  388fb132d222bb914bce3ebfbd6d742f
- SHA1
  
  d36ffa45dcbcc69416ec908ebb15bd55d5ae5864
- SHA256
  
  8be29d6ed24f8a7fda06a422370d777a16e38f05b1c743a108e02d1a59423522
- SHA512
  
  3ebc0731d0d3635761e348ef20b02196c799134813872b79d9316b847b8a52b30c897756174e4ef5d4f50a11fe91bbc0f87810b30ce2db934c0bd64cfbfa7563
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5ejvb:bxNrC7kYo1Fxf2rYuT
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2