af5e02a9e10bf1abd11996c09137590ab821cc31b738ce13fa1a31ad2ad0a33b | Triage

Sharing

General

Target

2024-04-26_c577b59f82fbacc298026373443c0a92_cryptolocker
Size

34KB
Sample

240426-3gbe5sfb7t
MD5

c577b59f82fbacc298026373443c0a92
SHA1

df0697efc429586ea33b1b02ba17b40f7baa00f9
SHA256

af5e02a9e10bf1abd11996c09137590ab821cc31b738ce13fa1a31ad2ad0a33b
SHA512

bc369a7c80a0f94d27a2ae5b26a3620cdf970f97de0a01083cdae57055f0c9485ffd7e91327b2b21f159cee06ac3c16bfe6fd4ea0a9a9ac8c4c928597e304580
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Q:bxNrC7kYo1Fxf2rY8

Score

10^/10

Malware Config

Targets

- Target
  
  2024-04-26_c577b59f82fbacc298026373443c0a92_cryptolocker
- Size
  
  34KB
- MD5
  
  c577b59f82fbacc298026373443c0a92
- SHA1
  
  df0697efc429586ea33b1b02ba17b40f7baa00f9
- SHA256
  
  af5e02a9e10bf1abd11996c09137590ab821cc31b738ce13fa1a31ad2ad0a33b
- SHA512
  
  bc369a7c80a0f94d27a2ae5b26a3620cdf970f97de0a01083cdae57055f0c9485ffd7e91327b2b21f159cee06ac3c16bfe6fd4ea0a9a9ac8c4c928597e304580
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Q:bxNrC7kYo1Fxf2rY8
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2