40c97a788e7662a24716b4ca9447d618da5a09df6f847841b49db5888d50fa17 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-21_2fc02cb61eba649a39d53b3d45ebc743_cryptolocker
Size

38KB
Sample

240521-w5ap7aeb73
MD5

2fc02cb61eba649a39d53b3d45ebc743
SHA1

5523ca7c5527fba1e9dd05760342b49f64435a64
SHA256

40c97a788e7662a24716b4ca9447d618da5a09df6f847841b49db5888d50fa17
SHA512

44b5a4ad3728f8c72dbe4465524da11b1ad7bfe07a3b3bc912a7187aa0d5c0cb1225247f792fc04113058c26cc77daffad8706e85ad51e79e9b3c71bea86be36
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenUK:ZzFbxmLPWQMOtEvwDpjLe/

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-21_2fc02cb61eba649a39d53b3d45ebc743_cryptolocker
- Size
  
  38KB
- MD5
  
  2fc02cb61eba649a39d53b3d45ebc743
- SHA1
  
  5523ca7c5527fba1e9dd05760342b49f64435a64
- SHA256
  
  40c97a788e7662a24716b4ca9447d618da5a09df6f847841b49db5888d50fa17
- SHA512
  
  44b5a4ad3728f8c72dbe4465524da11b1ad7bfe07a3b3bc912a7187aa0d5c0cb1225247f792fc04113058c26cc77daffad8706e85ad51e79e9b3c71bea86be36
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenUK:ZzFbxmLPWQMOtEvwDpjLe/
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2