8784371a7a9cd1b9cf2e0a616244748299bd8380b05333c666c94f70e7d093a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-01_f9b64b354cc69da8f9ff111df0383a22_cryptolocker
Size

43KB
Sample

240601-em2brahd3v
MD5

f9b64b354cc69da8f9ff111df0383a22
SHA1

1613a8681e790f8031ae4ac91a6e0c1e39aaf724
SHA256

8784371a7a9cd1b9cf2e0a616244748299bd8380b05333c666c94f70e7d093a4
SHA512

b205d7f5cd88dc558c14752558f86b243ecbabefc0c2b055998e8ef7bed44003fc75c2f284187d73e7b928af5708d1da295a781c21494456504c45dc429bc723
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/Ji3:bAvJCF+RQgJeab4sy/lo3

Score

10^/10

Malware Config

Targets

- Target
  
  2024-06-01_f9b64b354cc69da8f9ff111df0383a22_cryptolocker
- Size
  
  43KB
- MD5
  
  f9b64b354cc69da8f9ff111df0383a22
- SHA1
  
  1613a8681e790f8031ae4ac91a6e0c1e39aaf724
- SHA256
  
  8784371a7a9cd1b9cf2e0a616244748299bd8380b05333c666c94f70e7d093a4
- SHA512
  
  b205d7f5cd88dc558c14752558f86b243ecbabefc0c2b055998e8ef7bed44003fc75c2f284187d73e7b928af5708d1da295a781c21494456504c45dc429bc723
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/Ji3:bAvJCF+RQgJeab4sy/lo3
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2