5cc1ea8f1a2913c2eddbda42c24c01f196271c03ffe093cebd123e73f7b69152 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-25_67e01c0693d84f16ad1dd33ac2273bf1_cryptolocker
Size

37KB
Sample

240525-1r91cacc98
MD5

67e01c0693d84f16ad1dd33ac2273bf1
SHA1

943b4e1e0371c682efe58c12953da824fb4b20fb
SHA256

5cc1ea8f1a2913c2eddbda42c24c01f196271c03ffe093cebd123e73f7b69152
SHA512

332e424368706599b152f567894129448ec87f3dbbaf1a201fe9cff76dabf1d6819169edb6b913e3b201b9e8b269e1e4c92c08e9590975b3172ddb846e648907
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDh88:bAvJCF+RQgJeab4sbl

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-25_67e01c0693d84f16ad1dd33ac2273bf1_cryptolocker
- Size
  
  37KB
- MD5
  
  67e01c0693d84f16ad1dd33ac2273bf1
- SHA1
  
  943b4e1e0371c682efe58c12953da824fb4b20fb
- SHA256
  
  5cc1ea8f1a2913c2eddbda42c24c01f196271c03ffe093cebd123e73f7b69152
- SHA512
  
  332e424368706599b152f567894129448ec87f3dbbaf1a201fe9cff76dabf1d6819169edb6b913e3b201b9e8b269e1e4c92c08e9590975b3172ddb846e648907
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDh88:bAvJCF+RQgJeab4sbl
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2