e50ecc491f82800b4553413b028dd2ae46eb88c52c037183efb38d661d4a77e1 | Triage

Sharing

General

Target

2024-05-01_b08e4402d17974e3d84890b89dc1b06a_cryptolocker
Size

31KB
Sample

240501-ha6mgsaa81
MD5

b08e4402d17974e3d84890b89dc1b06a
SHA1

33563353f5fa246c140a1bfaebfb7d8ef55f847d
SHA256

e50ecc491f82800b4553413b028dd2ae46eb88c52c037183efb38d661d4a77e1
SHA512

a5de8ea985506ff6662c3f62f01d718c4e3ef6765db984f2990bd4c390d75733ee0f80f0bde7b7a9ef032322a4423bea145096607ba0a85ef91efe72874eb7c6
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7/:bAvJCYOOvbRPDEgXRcJL

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-01_b08e4402d17974e3d84890b89dc1b06a_cryptolocker
- Size
  
  31KB
- MD5
  
  b08e4402d17974e3d84890b89dc1b06a
- SHA1
  
  33563353f5fa246c140a1bfaebfb7d8ef55f847d
- SHA256
  
  e50ecc491f82800b4553413b028dd2ae46eb88c52c037183efb38d661d4a77e1
- SHA512
  
  a5de8ea985506ff6662c3f62f01d718c4e3ef6765db984f2990bd4c390d75733ee0f80f0bde7b7a9ef032322a4423bea145096607ba0a85ef91efe72874eb7c6
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7/:bAvJCYOOvbRPDEgXRcJL
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2