2140ee6e8b3ef924e58ad2ac7483ca61e1a638d1450fa29fd093766b406f7273 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-24_c77aed3d0e6204d50df54c4f3e12da02_cryptolocker
Size

32KB
Sample

240524-tmy9qabe4w
MD5

c77aed3d0e6204d50df54c4f3e12da02
SHA1

23f7b9a76c07bd65ba221e9fc551a4ad7bb8d2c0
SHA256

2140ee6e8b3ef924e58ad2ac7483ca61e1a638d1450fa29fd093766b406f7273
SHA512

0ffa18a512f817dffa6eeb8a1bc957bd0aee5d8a81e27de588afb703e9ff29f651ce19c5ae79b19dbd850c66c164ba8355d692febc3183667ba1c855ec5bcd7f
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7J:bAvJCYOOvbRPDEgXRcJd

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-24_c77aed3d0e6204d50df54c4f3e12da02_cryptolocker
- Size
  
  32KB
- MD5
  
  c77aed3d0e6204d50df54c4f3e12da02
- SHA1
  
  23f7b9a76c07bd65ba221e9fc551a4ad7bb8d2c0
- SHA256
  
  2140ee6e8b3ef924e58ad2ac7483ca61e1a638d1450fa29fd093766b406f7273
- SHA512
  
  0ffa18a512f817dffa6eeb8a1bc957bd0aee5d8a81e27de588afb703e9ff29f651ce19c5ae79b19dbd850c66c164ba8355d692febc3183667ba1c855ec5bcd7f
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7J:bAvJCYOOvbRPDEgXRcJd
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2