d88e7ba95fe4380c3a4222c9e6b96027a386586c7ca6e4269c12167284ddbd9e | Triage

Sharing

General

Target

2024-05-22_24a1dffe6c2a4df238e41fb4e6cdb5ed_cryptolocker
Size

34KB
Sample

240522-cw3vtshd55
MD5

24a1dffe6c2a4df238e41fb4e6cdb5ed
SHA1

a7cbbc02d631423f2347a9247ba8b28c96fac8cb
SHA256

d88e7ba95fe4380c3a4222c9e6b96027a386586c7ca6e4269c12167284ddbd9e
SHA512

5a114687d9acdd5d67778cef6a7074e81c1b607fec3820a9683f96e1b50b57104fb8898bcff1d647f3c35554bac18723552a2424488d758a84e830723cc4778a
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M4gX:bxNrC7kYo1Fxf2rYA3X

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-22_24a1dffe6c2a4df238e41fb4e6cdb5ed_cryptolocker
- Size
  
  34KB
- MD5
  
  24a1dffe6c2a4df238e41fb4e6cdb5ed
- SHA1
  
  a7cbbc02d631423f2347a9247ba8b28c96fac8cb
- SHA256
  
  d88e7ba95fe4380c3a4222c9e6b96027a386586c7ca6e4269c12167284ddbd9e
- SHA512
  
  5a114687d9acdd5d67778cef6a7074e81c1b607fec3820a9683f96e1b50b57104fb8898bcff1d647f3c35554bac18723552a2424488d758a84e830723cc4778a
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5M4gX:bxNrC7kYo1Fxf2rYA3X
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2