074fd9e989e210d7eeee80bf9340f1120a4c732aef05d605d69c60b0de823506 | Triage

Sharing

General

Target

2024-05-24_827ae8032c19bf90c50c65a1d0e185a7_cryptolocker
Size

55KB
Sample

240524-e7l3kadd8y
MD5

827ae8032c19bf90c50c65a1d0e185a7
SHA1

7c94ca316e9306c9392a2bcd07429ccbca3337aa
SHA256

074fd9e989e210d7eeee80bf9340f1120a4c732aef05d605d69c60b0de823506
SHA512

ad70d1f5127ec240accefa68cc5bdc6073faf6ba388a448d30441209d6d8cd71e3800877eb3c362b6a0a093852454fbc04d9658e22cfb476fc5a9d9ef3ff29c0
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdO5UjO:ZVxkGOtEvwDpjcT

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-24_827ae8032c19bf90c50c65a1d0e185a7_cryptolocker
- Size
  
  55KB
- MD5
  
  827ae8032c19bf90c50c65a1d0e185a7
- SHA1
  
  7c94ca316e9306c9392a2bcd07429ccbca3337aa
- SHA256
  
  074fd9e989e210d7eeee80bf9340f1120a4c732aef05d605d69c60b0de823506
- SHA512
  
  ad70d1f5127ec240accefa68cc5bdc6073faf6ba388a448d30441209d6d8cd71e3800877eb3c362b6a0a093852454fbc04d9658e22cfb476fc5a9d9ef3ff29c0
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdO5UjO:ZVxkGOtEvwDpjcT
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2