bc62ec0500e956702003fea116b661a40c022f8349a5583dbf3db946404c4ff4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-18_53084e8b85bde96531127713c311c531_cryptolocker
Size

74KB
Sample

240218-jcas9sfd4x
MD5

53084e8b85bde96531127713c311c531
SHA1

8d2acd05084c2a34e10ace58ca8a35facbe49419
SHA256

bc62ec0500e956702003fea116b661a40c022f8349a5583dbf3db946404c4ff4
SHA512

41f25122e1596dbbf334edcae4a69c24efdd88e166d788a7d300d81bfd78c5427da7f431b1447448c19c1fb7e4dd8e73f2e145d4e94f8bb7e8bad59d05f20f75
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3Ku3d:ZVxkGOtEvwDpjcap

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-18_53084e8b85bde96531127713c311c531_cryptolocker
- Size
  
  74KB
- MD5
  
  53084e8b85bde96531127713c311c531
- SHA1
  
  8d2acd05084c2a34e10ace58ca8a35facbe49419
- SHA256
  
  bc62ec0500e956702003fea116b661a40c022f8349a5583dbf3db946404c4ff4
- SHA512
  
  41f25122e1596dbbf334edcae4a69c24efdd88e166d788a7d300d81bfd78c5427da7f431b1447448c19c1fb7e4dd8e73f2e145d4e94f8bb7e8bad59d05f20f75
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3Ku3d:ZVxkGOtEvwDpjcap
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2