3fdd5ac52891171ab406dc18613aee190e19b0c9af9b199b6eaa9f506bca1783 | Triage

Sharing

General

Target

2024-01-23_70f088a8b0700644065406b570b271be_cryptolocker
Size

51KB
Sample

240123-tyv2faccep
MD5

70f088a8b0700644065406b570b271be
SHA1

6490caab8a1c6242ff234d0c3467527047a06247
SHA256

3fdd5ac52891171ab406dc18613aee190e19b0c9af9b199b6eaa9f506bca1783
SHA512

1e5d36890fe5f7effe4b4db297d74d78184ff9eae48441350cfda1d580dd7a79205500592097d16a7d0a55fa1ef87032a8674fdc1f0aeeda8f32f26a149c799d
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdO5S:ZVxkGOtEvwDpjcw

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-23_70f088a8b0700644065406b570b271be_cryptolocker
- Size
  
  51KB
- MD5
  
  70f088a8b0700644065406b570b271be
- SHA1
  
  6490caab8a1c6242ff234d0c3467527047a06247
- SHA256
  
  3fdd5ac52891171ab406dc18613aee190e19b0c9af9b199b6eaa9f506bca1783
- SHA512
  
  1e5d36890fe5f7effe4b4db297d74d78184ff9eae48441350cfda1d580dd7a79205500592097d16a7d0a55fa1ef87032a8674fdc1f0aeeda8f32f26a149c799d
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdO5S:ZVxkGOtEvwDpjcw
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2