2b046d0f2ff3423c999a24b7b42edef97a584ffd26617898834e13732e2bf90c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-31_dbd2573a5da33aef2fdf0e7ce94e08b9_cryptolocker
Size

35KB
Sample

240531-zkep7adf46
MD5

dbd2573a5da33aef2fdf0e7ce94e08b9
SHA1

b7a4e81f0e2e403d18332c6534c5afcb162eb446
SHA256

2b046d0f2ff3423c999a24b7b42edef97a584ffd26617898834e13732e2bf90c
SHA512

8bcbce4a1e39cbdc3ae6a249139c87a3b43066e6f95963d367d3e33551511dd0c7760b6c38cdbd16f460cfb36f7f45c4791dc10f5d3df5bdd3e48fabe5e81d55
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5ejv6:bxNrC7kYo1Fxf2rYuy

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-31_dbd2573a5da33aef2fdf0e7ce94e08b9_cryptolocker
- Size
  
  35KB
- MD5
  
  dbd2573a5da33aef2fdf0e7ce94e08b9
- SHA1
  
  b7a4e81f0e2e403d18332c6534c5afcb162eb446
- SHA256
  
  2b046d0f2ff3423c999a24b7b42edef97a584ffd26617898834e13732e2bf90c
- SHA512
  
  8bcbce4a1e39cbdc3ae6a249139c87a3b43066e6f95963d367d3e33551511dd0c7760b6c38cdbd16f460cfb36f7f45c4791dc10f5d3df5bdd3e48fabe5e81d55
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5ejv6:bxNrC7kYo1Fxf2rYuy
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2