4502553f1889ae2519f8b164a3b479a1a1c1de70af026ec1b9ce2d52314b0768 | Triage

Sharing

General

Target

2024-05-22_addc32323ec92fb9f36af3c8a4c4038a_cryptolocker
Size

34KB
Sample

240522-c8ezjaaa4y
MD5

addc32323ec92fb9f36af3c8a4c4038a
SHA1

1258e8b4ba8958672b5288514bed9b9f3700dcbc
SHA256

4502553f1889ae2519f8b164a3b479a1a1c1de70af026ec1b9ce2d52314b0768
SHA512

3b3162f4b5efa1c7d2bb0437989f1ec455d35ba7e425ed6ea45318c675ac1975e6ae9fc97f36ebf6c2deb5c701f3b970e34f83998c5e0ca3e8ef2aa3fff9bc7e
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M4gU:bxNrC7kYo1Fxf2rYA3U

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-22_addc32323ec92fb9f36af3c8a4c4038a_cryptolocker
- Size
  
  34KB
- MD5
  
  addc32323ec92fb9f36af3c8a4c4038a
- SHA1
  
  1258e8b4ba8958672b5288514bed9b9f3700dcbc
- SHA256
  
  4502553f1889ae2519f8b164a3b479a1a1c1de70af026ec1b9ce2d52314b0768
- SHA512
  
  3b3162f4b5efa1c7d2bb0437989f1ec455d35ba7e425ed6ea45318c675ac1975e6ae9fc97f36ebf6c2deb5c701f3b970e34f83998c5e0ca3e8ef2aa3fff9bc7e
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M4gU:bxNrC7kYo1Fxf2rYA3U
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2