b8452cbdc78dc01afb18ec45f4a685efc11f828dab887041d6b6953f18bafb68 | Triage

Sharing

General

Target

2024-03-16_5cc6ea697b5cb2a0ea0ee6f95bf24f81_cryptolocker
Size

39KB
Sample

240316-eycgrsdf34
MD5

5cc6ea697b5cb2a0ea0ee6f95bf24f81
SHA1

cbaa9618b704acac953a6a6f93a30711ef1cce01
SHA256

b8452cbdc78dc01afb18ec45f4a685efc11f828dab887041d6b6953f18bafb68
SHA512

2a56ad687d3dc43bcd3e9c49985e5fae2ccc2332c15f72126670b255975456089ba99a6b080266246b5895234df04dfa281869c5e5a23fb760ad0d1d6428d164
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQL3bTu0:ZzFbxmLPWQMOtEvwDpjLeU3G0

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-16_5cc6ea697b5cb2a0ea0ee6f95bf24f81_cryptolocker
- Size
  
  39KB
- MD5
  
  5cc6ea697b5cb2a0ea0ee6f95bf24f81
- SHA1
  
  cbaa9618b704acac953a6a6f93a30711ef1cce01
- SHA256
  
  b8452cbdc78dc01afb18ec45f4a685efc11f828dab887041d6b6953f18bafb68
- SHA512
  
  2a56ad687d3dc43bcd3e9c49985e5fae2ccc2332c15f72126670b255975456089ba99a6b080266246b5895234df04dfa281869c5e5a23fb760ad0d1d6428d164
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQL3bTu0:ZzFbxmLPWQMOtEvwDpjLeU3G0
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2