224a0aa12a4d979391e964a4ac0b366c933ee655071ad5d846ca21af6437311d | Triage

Sharing

General

Target

2024-05-21_34fcefd687f3fa3bed3c7438296d7d11_cryptolocker
Size

77KB
Sample

240521-sycz7aae9v
MD5

34fcefd687f3fa3bed3c7438296d7d11
SHA1

9600872835422335b989c53e841965c8b0d4c460
SHA256

224a0aa12a4d979391e964a4ac0b366c933ee655071ad5d846ca21af6437311d
SHA512

d9047f585ed55fb41f862015f65c1da2bbd054e2292a95e374ad8280fe26d51f6349d0d618b402faec734e874faeff33acbd53aedad3b4edaef3fe6df84edfec
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KUf:ZVxkGOtEvwDpjca7

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-21_34fcefd687f3fa3bed3c7438296d7d11_cryptolocker
- Size
  
  77KB
- MD5
  
  34fcefd687f3fa3bed3c7438296d7d11
- SHA1
  
  9600872835422335b989c53e841965c8b0d4c460
- SHA256
  
  224a0aa12a4d979391e964a4ac0b366c933ee655071ad5d846ca21af6437311d
- SHA512
  
  d9047f585ed55fb41f862015f65c1da2bbd054e2292a95e374ad8280fe26d51f6349d0d618b402faec734e874faeff33acbd53aedad3b4edaef3fe6df84edfec
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KUf:ZVxkGOtEvwDpjca7
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2