bbae027cb42faa42c560d81897f35e28682a0fd20b3ed1b188b5f03ad95ceca5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-01_5f6e1995e36c508609fc17b6151de1a6_cryptolocker
Size

32KB
Sample

240601-vzzxfshf8w
MD5

5f6e1995e36c508609fc17b6151de1a6
SHA1

d1ead508126adca28bb3346207f45cefb43fb32e
SHA256

bbae027cb42faa42c560d81897f35e28682a0fd20b3ed1b188b5f03ad95ceca5
SHA512

77889fd44eef83ff0dc7d67a59399b00420ef920b9b6e2c0b8ac3988092be972512e566e7c19937480034b555b94d16063d100b21c9fa4e1f768205f9c4cdcb1
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7A:bAvJCYOOvbRPDEgXRcJE

Score

10^/10

Malware Config

Targets

- Target
  
  2024-06-01_5f6e1995e36c508609fc17b6151de1a6_cryptolocker
- Size
  
  32KB
- MD5
  
  5f6e1995e36c508609fc17b6151de1a6
- SHA1
  
  d1ead508126adca28bb3346207f45cefb43fb32e
- SHA256
  
  bbae027cb42faa42c560d81897f35e28682a0fd20b3ed1b188b5f03ad95ceca5
- SHA512
  
  77889fd44eef83ff0dc7d67a59399b00420ef920b9b6e2c0b8ac3988092be972512e566e7c19937480034b555b94d16063d100b21c9fa4e1f768205f9c4cdcb1
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7A:bAvJCYOOvbRPDEgXRcJE
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2