b8ce6fe5ef5ef1f11abc8e279d576c135f1bbe3da7a506d1cd53f834f8ad2e61 | Triage

Sharing

General

Target

2024-05-23_2a3a923b95881b33e7ad0099c0e66254_cryptolocker
Size

37KB
Sample

240523-bryjwagf33
MD5

2a3a923b95881b33e7ad0099c0e66254
SHA1

c19743ae6766328482ea94271b2f5972119a745d
SHA256

b8ce6fe5ef5ef1f11abc8e279d576c135f1bbe3da7a506d1cd53f834f8ad2e61
SHA512

7f3d600901f739f61cb6b561edce9c2d4849cd5e71c8930baccae9abbbd4c13d02af2967bfe9b283329e88a11d9f3ed5a49989e328fe27da052e04240fd69455
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIm:bAvJCF+RQgJeab4sbD

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-23_2a3a923b95881b33e7ad0099c0e66254_cryptolocker
- Size
  
  37KB
- MD5
  
  2a3a923b95881b33e7ad0099c0e66254
- SHA1
  
  c19743ae6766328482ea94271b2f5972119a745d
- SHA256
  
  b8ce6fe5ef5ef1f11abc8e279d576c135f1bbe3da7a506d1cd53f834f8ad2e61
- SHA512
  
  7f3d600901f739f61cb6b561edce9c2d4849cd5e71c8930baccae9abbbd4c13d02af2967bfe9b283329e88a11d9f3ed5a49989e328fe27da052e04240fd69455
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIm:bAvJCF+RQgJeab4sbD
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2