989d0c8ad792d24fb01649cdd3ce573209b88ac21f8ffd35f453c76081be06de | Triage

Sharing

General

Target

2024-05-22_05bbfa55fd88a3fcde9d8acf0d19f1c5_cryptolocker
Size

35KB
Sample

240522-ctn9nahc56
MD5

05bbfa55fd88a3fcde9d8acf0d19f1c5
SHA1

f2f0b42b0f106f48962ed2d058bde71aca5a2be8
SHA256

989d0c8ad792d24fb01649cdd3ce573209b88ac21f8ffd35f453c76081be06de
SHA512

93a7ad717d250f0aad8d418c9f8d3d89aca3e919a80d3d1c62d17aa269d953ff1355d0b72edfab59827fba78c931e14fab55d27c039db1258e2bc924c1fa8400
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Pp70WTNlk:bxNrC7kYo1Fxf2rY1Dk

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-22_05bbfa55fd88a3fcde9d8acf0d19f1c5_cryptolocker
- Size
  
  35KB
- MD5
  
  05bbfa55fd88a3fcde9d8acf0d19f1c5
- SHA1
  
  f2f0b42b0f106f48962ed2d058bde71aca5a2be8
- SHA256
  
  989d0c8ad792d24fb01649cdd3ce573209b88ac21f8ffd35f453c76081be06de
- SHA512
  
  93a7ad717d250f0aad8d418c9f8d3d89aca3e919a80d3d1c62d17aa269d953ff1355d0b72edfab59827fba78c931e14fab55d27c039db1258e2bc924c1fa8400
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Pp70WTNlk:bxNrC7kYo1Fxf2rY1Dk
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2