a43f0f92478e711dab08cf7278ace8e7f2fa3e25cd6677edf1d8bd14ba2e2b5f | Triage

Sharing

General

Target

2024-03-09_59afa8788340646ca17f42577334fccc_cryptolocker
Size

41KB
Sample

240309-axn2ysaf86
MD5

59afa8788340646ca17f42577334fccc
SHA1

09f04148fb8a6d533d38381b0ee4dbc3b048c2fa
SHA256

a43f0f92478e711dab08cf7278ace8e7f2fa3e25cd6677edf1d8bd14ba2e2b5f
SHA512

ede3342711d80d2cf76765e963e45c1ac976c4b774df1d3cf189ec2a7bc13d110c1aa885bbde7eafd1f8f5bdb7dee9e9b88521c4485a118e820066bc325567bb
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQL3bTyha:ZzFbxmLPWQMOtEvwDpjLeU3v

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-09_59afa8788340646ca17f42577334fccc_cryptolocker
- Size
  
  41KB
- MD5
  
  59afa8788340646ca17f42577334fccc
- SHA1
  
  09f04148fb8a6d533d38381b0ee4dbc3b048c2fa
- SHA256
  
  a43f0f92478e711dab08cf7278ace8e7f2fa3e25cd6677edf1d8bd14ba2e2b5f
- SHA512
  
  ede3342711d80d2cf76765e963e45c1ac976c4b774df1d3cf189ec2a7bc13d110c1aa885bbde7eafd1f8f5bdb7dee9e9b88521c4485a118e820066bc325567bb
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQL3bTyha:ZzFbxmLPWQMOtEvwDpjLeU3v
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2