0da959b54501996e301c987df30231a606047dc0cc095ef03278c05881818338 | Triage

Resubmissions

23-02-2024 19:57

240223-ypklkaga77 7

23-02-2024 19:50

240223-ykqa9agh4t 10

Sharing

General

Target

2024-02-23_89fa18b6e0de0b0613263a7f7c2552b5_cryptolocker
Size

47KB
Sample

240223-ykqa9agh4t
MD5

89fa18b6e0de0b0613263a7f7c2552b5
SHA1

18cd8f6931f61c74b3bc8fae886e2ffaa8f99af3
SHA256

0da959b54501996e301c987df30231a606047dc0cc095ef03278c05881818338
SHA512

22322d7651b5f3d2c4120bf23baf9d7fdb9ce0d2e459e8e2b4d1b8f2dc256f25cfec4717b3fff5e69e95a6177504fe67ccb2be9dab724b2986cf6d43b433b1ff
SSDEEP

768:bgX4zYcgTEu6QOaryfjqDlC6JFbK37Yl6dIDaI:bgGYcA/53GAA6y37Q6dIV

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-23_89fa18b6e0de0b0613263a7f7c2552b5_cryptolocker
- Size
  
  47KB
- MD5
  
  89fa18b6e0de0b0613263a7f7c2552b5
- SHA1
  
  18cd8f6931f61c74b3bc8fae886e2ffaa8f99af3
- SHA256
  
  0da959b54501996e301c987df30231a606047dc0cc095ef03278c05881818338
- SHA512
  
  22322d7651b5f3d2c4120bf23baf9d7fdb9ce0d2e459e8e2b4d1b8f2dc256f25cfec4717b3fff5e69e95a6177504fe67ccb2be9dab724b2986cf6d43b433b1ff
- SSDEEP
  
  768:bgX4zYcgTEu6QOaryfjqDlC6JFbK37Yl6dIDaI:bgGYcA/53GAA6y37Q6dIV
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2