99c709a3f135afc25e5aa0c0fe60b94bbb70a053a03a2f2d2c7e16f80dff6664 | Triage

Sharing

General

Target

2024-04-22_e23ad0515bd755cb29868b0087aba2db_cryptolocker
Size

33KB
Sample

240422-k5r4pahh26
MD5

e23ad0515bd755cb29868b0087aba2db
SHA1

26c8c4d7cc6dfff6b9db1361be2aeb16fe135058
SHA256

99c709a3f135afc25e5aa0c0fe60b94bbb70a053a03a2f2d2c7e16f80dff6664
SHA512

86a6e0988b231ba6aa5558f3fa9742481cda6ad580888c14bd34481169c886bb4df892d2a2e9bda76f341f41303d669ef3dae239323957ec99519b782388ce17
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M:bxNrC7kYo1Fxf2rYg

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-22_e23ad0515bd755cb29868b0087aba2db_cryptolocker
- Size
  
  33KB
- MD5
  
  e23ad0515bd755cb29868b0087aba2db
- SHA1
  
  26c8c4d7cc6dfff6b9db1361be2aeb16fe135058
- SHA256
  
  99c709a3f135afc25e5aa0c0fe60b94bbb70a053a03a2f2d2c7e16f80dff6664
- SHA512
  
  86a6e0988b231ba6aa5558f3fa9742481cda6ad580888c14bd34481169c886bb4df892d2a2e9bda76f341f41303d669ef3dae239323957ec99519b782388ce17
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M:bxNrC7kYo1Fxf2rYg
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2