88017eb83def837746beae12d97971b96410aab0da114d9fc6da4e6bf69d4be4 | Triage

Sharing

General

Target

2024-05-22_526b503cae9bcfec5a5fc6671d896066_cryptolocker
Size

34KB
Sample

240522-c1v1sahg3s
MD5

526b503cae9bcfec5a5fc6671d896066
SHA1

47b1bc52ef46b6628def4cf5a08622b1a3e517ec
SHA256

88017eb83def837746beae12d97971b96410aab0da114d9fc6da4e6bf69d4be4
SHA512

4cda67f7ac969cb2f37d1bd09a66474846d72159bd01b7aca7f58ee037544784aaf8436b22d6e051adc1a50476aaa1930024916a55f369c62f90976c1ce0c1e5
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M4go:bxNrC7kYo1Fxf2rYA3o

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-22_526b503cae9bcfec5a5fc6671d896066_cryptolocker
- Size
  
  34KB
- MD5
  
  526b503cae9bcfec5a5fc6671d896066
- SHA1
  
  47b1bc52ef46b6628def4cf5a08622b1a3e517ec
- SHA256
  
  88017eb83def837746beae12d97971b96410aab0da114d9fc6da4e6bf69d4be4
- SHA512
  
  4cda67f7ac969cb2f37d1bd09a66474846d72159bd01b7aca7f58ee037544784aaf8436b22d6e051adc1a50476aaa1930024916a55f369c62f90976c1ce0c1e5
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M4go:bxNrC7kYo1Fxf2rYA3o
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2