9785d9a4b23abed93db8c4f97adc30913b8c2cf8f3ee8ea7f3bb4e0731fd3059 | Triage

Sharing

General

Target

2024-06-02_f8711b838f56b2aa2435046f3c80c591_cryptolocker
Size

32KB
Sample

240602-enyl9aad6z
MD5

f8711b838f56b2aa2435046f3c80c591
SHA1

6a6c0e2a7abfb693abc7f2bfce6d9bec08d57132
SHA256

9785d9a4b23abed93db8c4f97adc30913b8c2cf8f3ee8ea7f3bb4e0731fd3059
SHA512

f72aa4357a9a4c4bcf52a7858fa6ff67e78bef5e818ac36b247fb989a1875e039077d86ed827f4e234918064f4cba130a09787888baa25b7be700955ad50301a
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7SH:bAvJCYOOvbRPDEgXRcJm

Score

10^/10

Malware Config

Targets

- Target
  
  2024-06-02_f8711b838f56b2aa2435046f3c80c591_cryptolocker
- Size
  
  32KB
- MD5
  
  f8711b838f56b2aa2435046f3c80c591
- SHA1
  
  6a6c0e2a7abfb693abc7f2bfce6d9bec08d57132
- SHA256
  
  9785d9a4b23abed93db8c4f97adc30913b8c2cf8f3ee8ea7f3bb4e0731fd3059
- SHA512
  
  f72aa4357a9a4c4bcf52a7858fa6ff67e78bef5e818ac36b247fb989a1875e039077d86ed827f4e234918064f4cba130a09787888baa25b7be700955ad50301a
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7SH:bAvJCYOOvbRPDEgXRcJm
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2