974b2bc29dbbe99284f459f697117aa5b229aa0059dc56e0026c021d38fd7859 | Triage

Sharing

General

Target

2024-01-18_1ae5adfff4f95e67a9ac26d4eba07a3e_cryptolocker
Size

74KB
Sample

240118-2egcyabbcm
MD5

1ae5adfff4f95e67a9ac26d4eba07a3e
SHA1

5f715700aad374d926ed6b2b3d7a45c76d1ae4c5
SHA256

974b2bc29dbbe99284f459f697117aa5b229aa0059dc56e0026c021d38fd7859
SHA512

ad4306d02a717edd271bf160b4156b7e3f3ab99fb8edcc0bcad08273015de6a67504647921a3a66f32b5446e8b293c9a50de75039ac0789b3b2899c2d5709b84
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KuA50:ZVxkGOtEvwDpjca7

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-18_1ae5adfff4f95e67a9ac26d4eba07a3e_cryptolocker
- Size
  
  74KB
- MD5
  
  1ae5adfff4f95e67a9ac26d4eba07a3e
- SHA1
  
  5f715700aad374d926ed6b2b3d7a45c76d1ae4c5
- SHA256
  
  974b2bc29dbbe99284f459f697117aa5b229aa0059dc56e0026c021d38fd7859
- SHA512
  
  ad4306d02a717edd271bf160b4156b7e3f3ab99fb8edcc0bcad08273015de6a67504647921a3a66f32b5446e8b293c9a50de75039ac0789b3b2899c2d5709b84
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KuA50:ZVxkGOtEvwDpjca7
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2