1b8da34af37febf00b06c50bad3d303cc1e66d21e9d8b8e91af3c6e621fa96b7 | Triage

Sharing

General

Target

2024-05-22_9ae9c5cf5f158a8ffd73715a5a033059_cryptolocker
Size

31KB
Sample

240522-cj4llagh72
MD5

9ae9c5cf5f158a8ffd73715a5a033059
SHA1

1ea38adae675c9c95986dfe6eaffe5bf9686def8
SHA256

1b8da34af37febf00b06c50bad3d303cc1e66d21e9d8b8e91af3c6e621fa96b7
SHA512

436cb73f505e9416eafd004f24e4879371397f275b5d84b8dcd67e8d9647a21267e743f2a0465806505f5626cb6bd276467b6c92f4459e1b677ce529e0a2b234
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7L:bAvJCYOOvbRPDEgXRcJP

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-22_9ae9c5cf5f158a8ffd73715a5a033059_cryptolocker
- Size
  
  31KB
- MD5
  
  9ae9c5cf5f158a8ffd73715a5a033059
- SHA1
  
  1ea38adae675c9c95986dfe6eaffe5bf9686def8
- SHA256
  
  1b8da34af37febf00b06c50bad3d303cc1e66d21e9d8b8e91af3c6e621fa96b7
- SHA512
  
  436cb73f505e9416eafd004f24e4879371397f275b5d84b8dcd67e8d9647a21267e743f2a0465806505f5626cb6bd276467b6c92f4459e1b677ce529e0a2b234
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7L:bAvJCYOOvbRPDEgXRcJP
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2