5be9f38b03c8c46800381a0e72136162b80844ed720d3121bcf8507fba0a18dd | Triage

Sharing

General

Target

2024-04-19_ee90a2cbde87d6bd9340436de252775a_cryptolocker
Size

34KB
Sample

240419-e95yfsab2z
MD5

ee90a2cbde87d6bd9340436de252775a
SHA1

fde40106ea128d0f7c7e7a50b71346a0ab368d48
SHA256

5be9f38b03c8c46800381a0e72136162b80844ed720d3121bcf8507fba0a18dd
SHA512

88f4c5ebb058d423b801998bf102401257edd1353a12b64d091957ac7868e3510620ae6862194879f8647b6a53e64642bd4049737680063d846e9fcfbb0d63f4
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qAgmEzXKxA+uspNk:bAvJCYOOvbRPDEgXRc+BAILYk

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-19_ee90a2cbde87d6bd9340436de252775a_cryptolocker
- Size
  
  34KB
- MD5
  
  ee90a2cbde87d6bd9340436de252775a
- SHA1
  
  fde40106ea128d0f7c7e7a50b71346a0ab368d48
- SHA256
  
  5be9f38b03c8c46800381a0e72136162b80844ed720d3121bcf8507fba0a18dd
- SHA512
  
  88f4c5ebb058d423b801998bf102401257edd1353a12b64d091957ac7868e3510620ae6862194879f8647b6a53e64642bd4049737680063d846e9fcfbb0d63f4
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qAgmEzXKxA+uspNk:bAvJCYOOvbRPDEgXRc+BAILYk
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2