5b475dc8c135e8620ed132a6a90cfd1b870deb60617383569dba08eeedbc4f25 | Triage

Sharing

General

Target

2024-05-16_91b2087185936f58c457f18b2f1e2217_cryptolocker
Size

41KB
Sample

240516-hvvqqahb6y
MD5

91b2087185936f58c457f18b2f1e2217
SHA1

b37431fbf4bc894aba6b1499e65acf954fd2fede
SHA256

5b475dc8c135e8620ed132a6a90cfd1b870deb60617383569dba08eeedbc4f25
SHA512

28ae40ac92873ac3399c8a6db7a77e57d1f63a1f737ce09c1d92c73083360b85e624f557ea9aee1d62b6761d01e6ac94c33bb5125c828044be9d09a024029f5a
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pimGZ3E:bAvJCF+RQgJeab4sTsU

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-16_91b2087185936f58c457f18b2f1e2217_cryptolocker
- Size
  
  41KB
- MD5
  
  91b2087185936f58c457f18b2f1e2217
- SHA1
  
  b37431fbf4bc894aba6b1499e65acf954fd2fede
- SHA256
  
  5b475dc8c135e8620ed132a6a90cfd1b870deb60617383569dba08eeedbc4f25
- SHA512
  
  28ae40ac92873ac3399c8a6db7a77e57d1f63a1f737ce09c1d92c73083360b85e624f557ea9aee1d62b6761d01e6ac94c33bb5125c828044be9d09a024029f5a
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pimGZ3E:bAvJCF+RQgJeab4sTsU
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2