5a4383391e3b54b428d5289b22292afd0beed1d20504020cca9da7500d304946 | Triage

Sharing

General

Target

2024-05-16_e54536ab0fe58dba9039346fb713488f_cryptolocker
Size

34KB
Sample

240516-yycbjsec84
MD5

e54536ab0fe58dba9039346fb713488f
SHA1

d4a48d7f352f778dec16ac0ee99fb6a5fa6ef08e
SHA256

5a4383391e3b54b428d5289b22292afd0beed1d20504020cca9da7500d304946
SHA512

36b23b343a02ac5880f4d6a59866aaf3bc2070892a0a51b6cb6668e46719041caec27cbff7914827c20fb71364afc0596c1ff92dbd1a78a52536545681e7e83a
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M4g4:bxNrC7kYo1Fxf2rYA34

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-16_e54536ab0fe58dba9039346fb713488f_cryptolocker
- Size
  
  34KB
- MD5
  
  e54536ab0fe58dba9039346fb713488f
- SHA1
  
  d4a48d7f352f778dec16ac0ee99fb6a5fa6ef08e
- SHA256
  
  5a4383391e3b54b428d5289b22292afd0beed1d20504020cca9da7500d304946
- SHA512
  
  36b23b343a02ac5880f4d6a59866aaf3bc2070892a0a51b6cb6668e46719041caec27cbff7914827c20fb71364afc0596c1ff92dbd1a78a52536545681e7e83a
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M4g4:bxNrC7kYo1Fxf2rYA34
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2