29310b97639f8b66def67209ecf78bf8a920163e7ddeda2e395a957310dddd52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-07_1393677aa127e59bf61ba30affbd5d24_cryptolocker
Size

38KB
Sample

240507-dxp6ssfh4z
MD5

1393677aa127e59bf61ba30affbd5d24
SHA1

d8520bcebd224a3d02494a923e8811ba8c56a9a4
SHA256

29310b97639f8b66def67209ecf78bf8a920163e7ddeda2e395a957310dddd52
SHA512

37f533dfc86c651829b9203bfe09a6d46af51d583def04c7bbe9449142644c3190f32553e721ac2853f3e133a3663f9164bc60c837765fef57c7681398e0d9df
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenUz:ZzFbxmLPWQMOtEvwDpjLe2

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-07_1393677aa127e59bf61ba30affbd5d24_cryptolocker
- Size
  
  38KB
- MD5
  
  1393677aa127e59bf61ba30affbd5d24
- SHA1
  
  d8520bcebd224a3d02494a923e8811ba8c56a9a4
- SHA256
  
  29310b97639f8b66def67209ecf78bf8a920163e7ddeda2e395a957310dddd52
- SHA512
  
  37f533dfc86c651829b9203bfe09a6d46af51d583def04c7bbe9449142644c3190f32553e721ac2853f3e133a3663f9164bc60c837765fef57c7681398e0d9df
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenUz:ZzFbxmLPWQMOtEvwDpjLe2
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2