36e9dca247b363b6c73df351a6eac069a3dbaca5e2c549e7710b462e1bb19754 | Triage

Sharing

General

Target

2024-01-19_24d2650366714789a1d47e4a18b321eb_cryptolocker
Size

38KB
Sample

240119-prcjaseeh2
MD5

24d2650366714789a1d47e4a18b321eb
SHA1

dcf40b01d91996a0d5b48062d585c4491824ce21
SHA256

36e9dca247b363b6c73df351a6eac069a3dbaca5e2c549e7710b462e1bb19754
SHA512

09d79b2dceb8bcb20791a9ae9ca320a46473a4331f7afe7f3152f710c3d9d17ceaa1dd75d5630f6570ef299af6a0a71e13fd58f55cf0b13eb3fcc488e010aa02
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4XDIwNiJXxXunrkwIS:btB9g/WItCSsAGjX7e9N0hunrkK

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-19_24d2650366714789a1d47e4a18b321eb_cryptolocker
- Size
  
  38KB
- MD5
  
  24d2650366714789a1d47e4a18b321eb
- SHA1
  
  dcf40b01d91996a0d5b48062d585c4491824ce21
- SHA256
  
  36e9dca247b363b6c73df351a6eac069a3dbaca5e2c549e7710b462e1bb19754
- SHA512
  
  09d79b2dceb8bcb20791a9ae9ca320a46473a4331f7afe7f3152f710c3d9d17ceaa1dd75d5630f6570ef299af6a0a71e13fd58f55cf0b13eb3fcc488e010aa02
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4XDIwNiJXxXunrkwIS:btB9g/WItCSsAGjX7e9N0hunrkK
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2