ea0a9bcd2074948bbd843836f64f4ed6dde0c960126154f4f0675bae80f79ccd | Triage

Sharing

General

Target

2024-05-24_8a2a97d81bb7db016007e03ed525f531_cryptolocker
Size

34KB
Sample

240524-c2ys3aac39
MD5

8a2a97d81bb7db016007e03ed525f531
SHA1

6e701424659254722421fb334a193ecf404b29c9
SHA256

ea0a9bcd2074948bbd843836f64f4ed6dde0c960126154f4f0675bae80f79ccd
SHA512

ee6a8028e238f112b68269fc0fced92bee568b7551eb72e158f42b78cc0aea0baa410d66580f4c0c373ea2afb803648598489bf0feeeb60d05e2b428543336b2
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5R:bxNrC7kYo1Fxf2rY9

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-24_8a2a97d81bb7db016007e03ed525f531_cryptolocker
- Size
  
  34KB
- MD5
  
  8a2a97d81bb7db016007e03ed525f531
- SHA1
  
  6e701424659254722421fb334a193ecf404b29c9
- SHA256
  
  ea0a9bcd2074948bbd843836f64f4ed6dde0c960126154f4f0675bae80f79ccd
- SHA512
  
  ee6a8028e238f112b68269fc0fced92bee568b7551eb72e158f42b78cc0aea0baa410d66580f4c0c373ea2afb803648598489bf0feeeb60d05e2b428543336b2
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5R:bxNrC7kYo1Fxf2rY9
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2