26a4a52166c59d7de3ed3e6d158e35c8606d0c1845387c30ee6be9012af07109 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-06_5f2e0928e20f947a13df2fd3f80c30ff_cryptolocker
Size

42KB
Sample

240406-az3ywsgb85
MD5

5f2e0928e20f947a13df2fd3f80c30ff
SHA1

204ae9b96593cd35ef12e8b72a34bfa1e537f7fa
SHA256

26a4a52166c59d7de3ed3e6d158e35c8606d0c1845387c30ee6be9012af07109
SHA512

8a9a04860879932f8b4ef153c8fcf7f03bbf5036c67b3a0affb2d0b5b72d5e41f805ac22f7f73fada3931f77ed3dd1c074d883e3ba98bc0ce3cac86d409715b7
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQL3bTv4xv:ZzFbxmLPWQMOtEvwDpjLeU3n4Z

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-06_5f2e0928e20f947a13df2fd3f80c30ff_cryptolocker
- Size
  
  42KB
- MD5
  
  5f2e0928e20f947a13df2fd3f80c30ff
- SHA1
  
  204ae9b96593cd35ef12e8b72a34bfa1e537f7fa
- SHA256
  
  26a4a52166c59d7de3ed3e6d158e35c8606d0c1845387c30ee6be9012af07109
- SHA512
  
  8a9a04860879932f8b4ef153c8fcf7f03bbf5036c67b3a0affb2d0b5b72d5e41f805ac22f7f73fada3931f77ed3dd1c074d883e3ba98bc0ce3cac86d409715b7
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQL3bTv4xv:ZzFbxmLPWQMOtEvwDpjLeU3n4Z
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2