64c9978038dfee20335657058b596808fefc1b5eae6129d42a6de6b7162f9282 | Triage

Sharing

General

Target

2024-05-22_2d2eee849603bdbcf84fe4ab78b0c945_cryptolocker
Size

37KB
Sample

240522-xq9readb37
MD5

2d2eee849603bdbcf84fe4ab78b0c945
SHA1

be392f79e2f446c4760d09785660721435b22b8a
SHA256

64c9978038dfee20335657058b596808fefc1b5eae6129d42a6de6b7162f9282
SHA512

32a5c5bd6e28b98e6ec2be09736df4b9843db792e3359dbccbef00b44dda963bd71dff00b1565f73b84c4c05cd4b5ce545e0974707d0cc31d1aa032878da8139
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIF:bAvJCF+RQgJeab4sb8

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-22_2d2eee849603bdbcf84fe4ab78b0c945_cryptolocker
- Size
  
  37KB
- MD5
  
  2d2eee849603bdbcf84fe4ab78b0c945
- SHA1
  
  be392f79e2f446c4760d09785660721435b22b8a
- SHA256
  
  64c9978038dfee20335657058b596808fefc1b5eae6129d42a6de6b7162f9282
- SHA512
  
  32a5c5bd6e28b98e6ec2be09736df4b9843db792e3359dbccbef00b44dda963bd71dff00b1565f73b84c4c05cd4b5ce545e0974707d0cc31d1aa032878da8139
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIF:bAvJCF+RQgJeab4sb8
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2