5af60790528ca9bdde68b7f0c4ee3d7a3fbdcd9c5082f073a310449a7913f26a | Triage

Sharing

General

Target

2024-02-12_950e47d0da0dfc099a5dbbea1d3e128e_cryptolocker
Size

35KB
Sample

240212-ywf7qabd9x
MD5

950e47d0da0dfc099a5dbbea1d3e128e
SHA1

d7b87b0c124ff426c20adcc9b06044923c7fd0b5
SHA256

5af60790528ca9bdde68b7f0c4ee3d7a3fbdcd9c5082f073a310449a7913f26a
SHA512

aa1c2a5d6fe6aac246019bfe58af8e7d44a1d168e3fbe8c5b3c7801576afc580e3b529db74647605e299ecd8c61efb5c574dece6ae4c6022c2d5fd9ce76d791b
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjxgqKSyA5SQr5/8IF:ZzFbxmLPWQMOtEvwDpjxj5/Z

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-12_950e47d0da0dfc099a5dbbea1d3e128e_cryptolocker
- Size
  
  35KB
- MD5
  
  950e47d0da0dfc099a5dbbea1d3e128e
- SHA1
  
  d7b87b0c124ff426c20adcc9b06044923c7fd0b5
- SHA256
  
  5af60790528ca9bdde68b7f0c4ee3d7a3fbdcd9c5082f073a310449a7913f26a
- SHA512
  
  aa1c2a5d6fe6aac246019bfe58af8e7d44a1d168e3fbe8c5b3c7801576afc580e3b529db74647605e299ecd8c61efb5c574dece6ae4c6022c2d5fd9ce76d791b
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjxgqKSyA5SQr5/8IF:ZzFbxmLPWQMOtEvwDpjxj5/Z
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2