64f96e9b19a761077f5252c84b6000979c249f18856d95396a9a8c8e98083761 | Triage

Sharing

General

Target

2024-01-25_c8088581ccfd265e66acdced8d015468_cryptolocker
Size

30KB
Sample

240125-r94rlsaeaj
MD5

c8088581ccfd265e66acdced8d015468
SHA1

d445f3ecee3ec40154a3655884782ec16f8c7a1c
SHA256

64f96e9b19a761077f5252c84b6000979c249f18856d95396a9a8c8e98083761
SHA512

56c11d404cd144d33512aa32fe9e2f47efa56b7d4c970b5fcfa7a94c543c0b3fc4fd8525194bf944baec71ecddf4a97add4ad43d33c97d4d3c8dae2875649188
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpj6Qvem:ZzFbxmLPWQMOtEvwDpj6a

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-25_c8088581ccfd265e66acdced8d015468_cryptolocker
- Size
  
  30KB
- MD5
  
  c8088581ccfd265e66acdced8d015468
- SHA1
  
  d445f3ecee3ec40154a3655884782ec16f8c7a1c
- SHA256
  
  64f96e9b19a761077f5252c84b6000979c249f18856d95396a9a8c8e98083761
- SHA512
  
  56c11d404cd144d33512aa32fe9e2f47efa56b7d4c970b5fcfa7a94c543c0b3fc4fd8525194bf944baec71ecddf4a97add4ad43d33c97d4d3c8dae2875649188
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpj6Qvem:ZzFbxmLPWQMOtEvwDpj6a
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2