7d2c4ebafd3c3d7029f0c8e6a18553753705d345d1227f5bbc8b3033989869b9 | Triage

Sharing

General

Target

2024-05-23_2e0ce2a84c6fd15483c7295a8e0fe413_cryptolocker
Size

37KB
Sample

240523-br2xasgd4y
MD5

2e0ce2a84c6fd15483c7295a8e0fe413
SHA1

cd706c558306dd49296901de471b8c5bb5f2f33b
SHA256

7d2c4ebafd3c3d7029f0c8e6a18553753705d345d1227f5bbc8b3033989869b9
SHA512

776b77de9f0d006e20fc929ea37851cc0cba6b484dbef57d5e1856024d42d9176009984bf7940bdcc5b6ebaed16660721ea84e9dd81cd34efdd71eef08011093
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIr:bAvJCF+RQgJeab4sbW

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-23_2e0ce2a84c6fd15483c7295a8e0fe413_cryptolocker
- Size
  
  37KB
- MD5
  
  2e0ce2a84c6fd15483c7295a8e0fe413
- SHA1
  
  cd706c558306dd49296901de471b8c5bb5f2f33b
- SHA256
  
  7d2c4ebafd3c3d7029f0c8e6a18553753705d345d1227f5bbc8b3033989869b9
- SHA512
  
  776b77de9f0d006e20fc929ea37851cc0cba6b484dbef57d5e1856024d42d9176009984bf7940bdcc5b6ebaed16660721ea84e9dd81cd34efdd71eef08011093
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIr:bAvJCF+RQgJeab4sbW
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2