1a00bfe50d425f99be76ca7a77893e8fee52045e3b749894966abf4c8ebb9b74 | Triage

Sharing

General

Target

2024-05-22_618ebbee494fab9613586aa05b2dec26_cryptolocker
Size

36KB
Sample

240522-zqpgksgc51
MD5

618ebbee494fab9613586aa05b2dec26
SHA1

cc965d11d8b274a98649a760e57a16cefb9ed2f5
SHA256

1a00bfe50d425f99be76ca7a77893e8fee52045e3b749894966abf4c8ebb9b74
SHA512

5ab237224775fb742074076cd19ed47ef51b5c840e2c0a60b3d521ecdf7e3d7b2994bdd6a465b997b538f63728b6d836156312b1e0e13d6730a0ce6f6bdaf1f2
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2B0qG1HF:btB9g/WItCSsAGjX7r3BTaF

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-22_618ebbee494fab9613586aa05b2dec26_cryptolocker
- Size
  
  36KB
- MD5
  
  618ebbee494fab9613586aa05b2dec26
- SHA1
  
  cc965d11d8b274a98649a760e57a16cefb9ed2f5
- SHA256
  
  1a00bfe50d425f99be76ca7a77893e8fee52045e3b749894966abf4c8ebb9b74
- SHA512
  
  5ab237224775fb742074076cd19ed47ef51b5c840e2c0a60b3d521ecdf7e3d7b2994bdd6a465b997b538f63728b6d836156312b1e0e13d6730a0ce6f6bdaf1f2
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2B0qG1HF:btB9g/WItCSsAGjX7r3BTaF
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2