705e6eae4f1e312349c4199bf59a27383da843b9c512d29e545f8f47b699680c | Triage

Sharing

General

Target

2024-05-23_2eec3f4a3604d433d0917d9dad4cf258_cryptolocker
Size

32KB
Sample

240523-cwwrhsag35
MD5

2eec3f4a3604d433d0917d9dad4cf258
SHA1

2d6aa2b4b6ceb6cf24f5b1b9e9c2b706e677a797
SHA256

705e6eae4f1e312349c4199bf59a27383da843b9c512d29e545f8f47b699680c
SHA512

bf2aedff60d3c1c66c7111dad5f86abda26d01903df31312947e61ae715096f5bdbd05c4ddc4a81eb571c9b03c8598fb6285b26e4da157f15ea2bb986eeaef4d
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7c:bAvJCYOOvbRPDEgXRcJ4

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-23_2eec3f4a3604d433d0917d9dad4cf258_cryptolocker
- Size
  
  32KB
- MD5
  
  2eec3f4a3604d433d0917d9dad4cf258
- SHA1
  
  2d6aa2b4b6ceb6cf24f5b1b9e9c2b706e677a797
- SHA256
  
  705e6eae4f1e312349c4199bf59a27383da843b9c512d29e545f8f47b699680c
- SHA512
  
  bf2aedff60d3c1c66c7111dad5f86abda26d01903df31312947e61ae715096f5bdbd05c4ddc4a81eb571c9b03c8598fb6285b26e4da157f15ea2bb986eeaef4d
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7c:bAvJCYOOvbRPDEgXRcJ4
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2