a9b37c87b429e6ab05f11364c98be902d5951de62801e2dee20cee5d81c82678 | Triage

Sharing

General

Target

2024-01-25_540d0e2e7c625b413d04aa00dc70ab5c_cryptolocker
Size

31KB
Sample

240125-y7eg9sfegj
MD5

540d0e2e7c625b413d04aa00dc70ab5c
SHA1

c7dfe75c3a588b9e506ce614fe8f56e2a6950e24
SHA256

a9b37c87b429e6ab05f11364c98be902d5951de62801e2dee20cee5d81c82678
SHA512

3965f29f966c4c1361fd9cb2e91f75fdb1a616c0503c634e03b19733d91f2f627a6f618beef0e370dee4a510ce908521389f05431c0ec988916fa2cc71a415f2
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM98t:bAvJCYOOvbRPDEgXRcuM98t

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-25_540d0e2e7c625b413d04aa00dc70ab5c_cryptolocker
- Size
  
  31KB
- MD5
  
  540d0e2e7c625b413d04aa00dc70ab5c
- SHA1
  
  c7dfe75c3a588b9e506ce614fe8f56e2a6950e24
- SHA256
  
  a9b37c87b429e6ab05f11364c98be902d5951de62801e2dee20cee5d81c82678
- SHA512
  
  3965f29f966c4c1361fd9cb2e91f75fdb1a616c0503c634e03b19733d91f2f627a6f618beef0e370dee4a510ce908521389f05431c0ec988916fa2cc71a415f2
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM98t:bAvJCYOOvbRPDEgXRcuM98t
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2