f8f5eb08306517ce23393c26f37e70eeaafd3c162a921a0912313ee2e1762808 | Triage

Sharing

General

Target

2024-05-12_e9f7e4d9b3ee16ec621b1f30ac1f092c_cryptolocker
Size

37KB
Sample

240512-w9j5esaf5x
MD5

e9f7e4d9b3ee16ec621b1f30ac1f092c
SHA1

5a7087dde7cc0c2d17b20addc3fa183501466df2
SHA256

f8f5eb08306517ce23393c26f37e70eeaafd3c162a921a0912313ee2e1762808
SHA512

cc3e17b26507498079f2602a222b32cbe4c6844a34de805d82078f2861b285f54944e5e398d68303740132bc3ece8dba243ef9c5ac9552e5b4d9dc78bd0e1d59
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheD8:bAvJCF+RQgJeab4sbQ

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-12_e9f7e4d9b3ee16ec621b1f30ac1f092c_cryptolocker
- Size
  
  37KB
- MD5
  
  e9f7e4d9b3ee16ec621b1f30ac1f092c
- SHA1
  
  5a7087dde7cc0c2d17b20addc3fa183501466df2
- SHA256
  
  f8f5eb08306517ce23393c26f37e70eeaafd3c162a921a0912313ee2e1762808
- SHA512
  
  cc3e17b26507498079f2602a222b32cbe4c6844a34de805d82078f2861b285f54944e5e398d68303740132bc3ece8dba243ef9c5ac9552e5b4d9dc78bd0e1d59
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheD8:bAvJCF+RQgJeab4sbQ
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2