888fc4cd53940faafdf76cd4c1a92d31ad83b23bad6cdce19ea7af3cd0928afb | Triage

Sharing

General

Target

2024-06-01_3c7421cb2b8ae5df95d606f74e511bc0_cryptolocker
Size

32KB
Sample

240601-l7npqaae35
MD5

3c7421cb2b8ae5df95d606f74e511bc0
SHA1

ccc0e81786431ee0dcd3ce96fde60895219cfe32
SHA256

888fc4cd53940faafdf76cd4c1a92d31ad83b23bad6cdce19ea7af3cd0928afb
SHA512

6b006c574879fa614868aedbe70706845e1b1871c81971da36a7da3e03d1056e0e2dd39919c6ed608e2f9478bad4ab593ad621c2c8efe4542ddd3819e3e042bc
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7h:bAvJCYOOvbRPDEgXRcJF

Score

10^/10

Malware Config

Targets

- Target
  
  2024-06-01_3c7421cb2b8ae5df95d606f74e511bc0_cryptolocker
- Size
  
  32KB
- MD5
  
  3c7421cb2b8ae5df95d606f74e511bc0
- SHA1
  
  ccc0e81786431ee0dcd3ce96fde60895219cfe32
- SHA256
  
  888fc4cd53940faafdf76cd4c1a92d31ad83b23bad6cdce19ea7af3cd0928afb
- SHA512
  
  6b006c574879fa614868aedbe70706845e1b1871c81971da36a7da3e03d1056e0e2dd39919c6ed608e2f9478bad4ab593ad621c2c8efe4542ddd3819e3e042bc
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7h:bAvJCYOOvbRPDEgXRcJF
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2