13a5c8fb9ed2aaa82a416652ff15e79fbac63e30fed90cf1f991e1e198be9cc7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-26_1a7775d1471d1c6db92b48292b194902_cryptolocker
Size

37KB
Sample

240526-anrrgsge74
MD5

1a7775d1471d1c6db92b48292b194902
SHA1

d77df35cfef1e88ee5d0f0ac1fb3ae4155a3f424
SHA256

13a5c8fb9ed2aaa82a416652ff15e79fbac63e30fed90cf1f991e1e198be9cc7
SHA512

6c6311b779c2dece5dc79d3163e2069300dea0641389ecc56f7a4a20f7114eabafd0db217d47699a7b228fb05e0493184c12368576cf045f2e05c11b4440f624
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDh8q:bAvJCF+RQgJeab4sbH

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-26_1a7775d1471d1c6db92b48292b194902_cryptolocker
- Size
  
  37KB
- MD5
  
  1a7775d1471d1c6db92b48292b194902
- SHA1
  
  d77df35cfef1e88ee5d0f0ac1fb3ae4155a3f424
- SHA256
  
  13a5c8fb9ed2aaa82a416652ff15e79fbac63e30fed90cf1f991e1e198be9cc7
- SHA512
  
  6c6311b779c2dece5dc79d3163e2069300dea0641389ecc56f7a4a20f7114eabafd0db217d47699a7b228fb05e0493184c12368576cf045f2e05c11b4440f624
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDh8q:bAvJCF+RQgJeab4sbH
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2