35e162b36700f2f4a374f931f41d4ad5b53e3af4950b15f9783d194022d5082d | Triage

Sharing

General

Target

2024-03-16_c35c4d4b2e2a3ea5e14c979c52e0abee_cryptolocker
Size

61KB
Sample

240316-hgzshsea5t
MD5

c35c4d4b2e2a3ea5e14c979c52e0abee
SHA1

99b55d8468a37773fa21fed9a994253b14fc49f1
SHA256

35e162b36700f2f4a374f931f41d4ad5b53e3af4950b15f9783d194022d5082d
SHA512

6968bff87a1c87f8359d1780c5587b5f1842c9ac5873d4e61c26ac7d5e0384158c58b09a2c4c95edfff895dbfb0da890efc82cb2221aa4dbd06022ecdfe28c67
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3rFC0w1c4:ZVxkGOtEvwDpjcao

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-16_c35c4d4b2e2a3ea5e14c979c52e0abee_cryptolocker
- Size
  
  61KB
- MD5
  
  c35c4d4b2e2a3ea5e14c979c52e0abee
- SHA1
  
  99b55d8468a37773fa21fed9a994253b14fc49f1
- SHA256
  
  35e162b36700f2f4a374f931f41d4ad5b53e3af4950b15f9783d194022d5082d
- SHA512
  
  6968bff87a1c87f8359d1780c5587b5f1842c9ac5873d4e61c26ac7d5e0384158c58b09a2c4c95edfff895dbfb0da890efc82cb2221aa4dbd06022ecdfe28c67
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3rFC0w1c4:ZVxkGOtEvwDpjcao
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2