5eed90975cecd38200c22efa511e22d16445ca0b2fb96e007eece08797eac4d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-28_3d9d9edaec8aa151dbda7af2f90d12a2_cryptolocker
Size

76KB
Sample

240328-ykdmfseh8z
MD5

3d9d9edaec8aa151dbda7af2f90d12a2
SHA1

925c643acbeeaaeb8925cf97ad604d1617a7d692
SHA256

5eed90975cecd38200c22efa511e22d16445ca0b2fb96e007eece08797eac4d9
SHA512

6f412eb06f52a367874685774c24c0d3b7333aa12e3817138f3ecfb9409130559ab24bf708cea65276f24ba802e185525b2521b7cc3d4664e4a7a35a302f0443
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KuA5r:ZVxkGOtEvwDpjcas

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-28_3d9d9edaec8aa151dbda7af2f90d12a2_cryptolocker
- Size
  
  76KB
- MD5
  
  3d9d9edaec8aa151dbda7af2f90d12a2
- SHA1
  
  925c643acbeeaaeb8925cf97ad604d1617a7d692
- SHA256
  
  5eed90975cecd38200c22efa511e22d16445ca0b2fb96e007eece08797eac4d9
- SHA512
  
  6f412eb06f52a367874685774c24c0d3b7333aa12e3817138f3ecfb9409130559ab24bf708cea65276f24ba802e185525b2521b7cc3d4664e4a7a35a302f0443
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KuA5r:ZVxkGOtEvwDpjcas
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2