116f73fc7e931d9a76c2c958ca5e7bc53e8ab6364cc8f8d278817fd4b3997d27 | Triage

Sharing

General

Target

2024-04-22_256bf52a32cac6531230d4bb8f9e6891_cryptolocker
Size

33KB
Sample

240422-jdlbdsgh79
MD5

256bf52a32cac6531230d4bb8f9e6891
SHA1

6ca6592f15724865ecda035df9e9578b364cbd49
SHA256

116f73fc7e931d9a76c2c958ca5e7bc53e8ab6364cc8f8d278817fd4b3997d27
SHA512

6464ec9dd105bc244ac7f50eb63b2c99053153b194658d561f2f0819da89f9f2844d36c819daf5c51a4dd3ab575856faafac00e13de2c2bdaafa9261d8c3e0fe
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Po:bxNrC7kYo1Fxf2rYs

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-22_256bf52a32cac6531230d4bb8f9e6891_cryptolocker
- Size
  
  33KB
- MD5
  
  256bf52a32cac6531230d4bb8f9e6891
- SHA1
  
  6ca6592f15724865ecda035df9e9578b364cbd49
- SHA256
  
  116f73fc7e931d9a76c2c958ca5e7bc53e8ab6364cc8f8d278817fd4b3997d27
- SHA512
  
  6464ec9dd105bc244ac7f50eb63b2c99053153b194658d561f2f0819da89f9f2844d36c819daf5c51a4dd3ab575856faafac00e13de2c2bdaafa9261d8c3e0fe
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Po:bxNrC7kYo1Fxf2rYs
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2