cryptolocker | 7917dc11a225990069364b7e1fb64f9a7f4510c3cf0cf0a097ef4295eba452dd | Triage

Resubmissions

14-12-2024 23:05

241214-2211vsyneq 10

14-12-2024 23:01

241214-2zqr4synbj 10

Sharing

General

Target

876511719fda2fab0438ad29f9cc2f8fd684c1897a88d433f7e9c3f2e85eac0b.7z
Size

511KB
Sample

241214-2zqr4synbj
MD5

dc2e5836a983b72879a305238c74c6ad
SHA1

6a7985b1f75c91b293a45430738d405576a99dde
SHA256

7917dc11a225990069364b7e1fb64f9a7f4510c3cf0cf0a097ef4295eba452dd
SHA512

a74a5f50c684b86ad7f2a6df4806b0297769b43a6daa1cc2b463144f6bd34b55ee9be08f12b471943698449018fae7e508ca380b12e10d42edca7629019227c0
SSDEEP

12288:C2U9TAVFGqvD61k/VhTNZcVU6ceMHQrJMs42aHV3IhG2p4G:CFcVxncqeMwioY4hG2pz

Score

10^/10

cryptolocker discovery persistence ransomware

Malware Config

Targets

- Target
  
  876511719fda2fab0438ad29f9cc2f8fd684c1897a88d433f7e9c3f2e85eac0b
- Size
  
  749KB
- MD5
  
  1eac61ee26db9242ba47437a027c47d4
- SHA1
  
  3a465cb953a62c6c2dd2dc61c9f874c6ad7d8e8c
- SHA256
  
  876511719fda2fab0438ad29f9cc2f8fd684c1897a88d433f7e9c3f2e85eac0b
- SHA512
  
  b5966deb188881b3d1fd19f911601e451f2126b757c1341e41048cb8dbd990c411fa8815f0610217a1fd273d193cd3f9c2f199ecb02295d28ca6eeb429f88eb4
- SSDEEP
  
  12288:ZwtTSWbZzmK1tl8gBVkj6VNQJsojXXKI50XZo/6N3VG:Zwt2WdzxfmVjXr6Zz
Score

10^/10

cryptolocker discovery persistence ransomware
- CryptoLocker
  Ransomware family with multiple variants.
  ransomware cryptolocker
- Cryptolocker family
  cryptolocker
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cryptolockerdiscoverypersistenceransomware

behavioral2

behavioral3