19af12524810be0e448d9c6ad80be5ac695591ff2f293089c9f85f498d43583a | Triage

Sharing

General

Target

2024-03-29_3d9cd18f4092a35b44ea355c7ed91eab_cryptolocker
Size

37KB
Sample

240329-d5sxnahc48
MD5

3d9cd18f4092a35b44ea355c7ed91eab
SHA1

438f623c4b8a9500eb359b2a117e21da69a64431
SHA256

19af12524810be0e448d9c6ad80be5ac695591ff2f293089c9f85f498d43583a
SHA512

31594118e7ef1c6622267ae4fb065456389a05d6cc588bcdc68c8ead16206bed810d316fa2ae66513e73d823063c163a949025aa13872543c224205b0682bc2d
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenU3:ZzFbxmLPWQMOtEvwDpjLeq

Score

10^/10

Malware Config

Targets

- Target
  
  2024-03-29_3d9cd18f4092a35b44ea355c7ed91eab_cryptolocker
- Size
  
  37KB
- MD5
  
  3d9cd18f4092a35b44ea355c7ed91eab
- SHA1
  
  438f623c4b8a9500eb359b2a117e21da69a64431
- SHA256
  
  19af12524810be0e448d9c6ad80be5ac695591ff2f293089c9f85f498d43583a
- SHA512
  
  31594118e7ef1c6622267ae4fb065456389a05d6cc588bcdc68c8ead16206bed810d316fa2ae66513e73d823063c163a949025aa13872543c224205b0682bc2d
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenU3:ZzFbxmLPWQMOtEvwDpjLeq
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2