a5cf3bd54044f3bd3d429f1511be0aa852de246ce676a2083e2b259eba8b779d | Triage

Sharing

General

Target

2024-05-16_725fd99581c114b835eea349adc4fe99_cryptolocker
Size

76KB
Sample

240517-aczyqafg9s
MD5

725fd99581c114b835eea349adc4fe99
SHA1

2ffba254425adae66a680ad4087779d379c7d827
SHA256

a5cf3bd54044f3bd3d429f1511be0aa852de246ce676a2083e2b259eba8b779d
SHA512

819e2f2fc26b113a3bec5e740c4cb9b1e2d7aaf568b6a20e3c0ee1dc60f802f3545bad8e3c6386e84a9b08228e6e1462ae7b629f6156f63c1c05481fa6a9f49d
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KUO:ZVxkGOtEvwDpjcaC

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-16_725fd99581c114b835eea349adc4fe99_cryptolocker
- Size
  
  76KB
- MD5
  
  725fd99581c114b835eea349adc4fe99
- SHA1
  
  2ffba254425adae66a680ad4087779d379c7d827
- SHA256
  
  a5cf3bd54044f3bd3d429f1511be0aa852de246ce676a2083e2b259eba8b779d
- SHA512
  
  819e2f2fc26b113a3bec5e740c4cb9b1e2d7aaf568b6a20e3c0ee1dc60f802f3545bad8e3c6386e84a9b08228e6e1462ae7b629f6156f63c1c05481fa6a9f49d
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KUO:ZVxkGOtEvwDpjcaC
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2