877fe0ac86d9f51e77e0507bd843047644f4035e000b950096cf87811771dbf1 | Triage

Sharing

General

Target

2024-05-26_08cad77b1496db3da7bdcb7aa8bcdf2a_cryptolocker
Size

34KB
Sample

240526-wapwmafb92
MD5

08cad77b1496db3da7bdcb7aa8bcdf2a
SHA1

21476ae83c3f0b36b42db3e59aa020970b7941d8
SHA256

877fe0ac86d9f51e77e0507bd843047644f4035e000b950096cf87811771dbf1
SHA512

ca067fc377d3473f37803431d952f1fc15e8c68898b3001c8be49cae1b3c8f1f8893a272b6f9ec0667481268a0bbe1285403d47f4185812f9b388553a66e258c
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos51:bxNrC7kYo1Fxf2rYJ

Score

10^/10

Malware Config

Targets

- Target
  
  2024-05-26_08cad77b1496db3da7bdcb7aa8bcdf2a_cryptolocker
- Size
  
  34KB
- MD5
  
  08cad77b1496db3da7bdcb7aa8bcdf2a
- SHA1
  
  21476ae83c3f0b36b42db3e59aa020970b7941d8
- SHA256
  
  877fe0ac86d9f51e77e0507bd843047644f4035e000b950096cf87811771dbf1
- SHA512
  
  ca067fc377d3473f37803431d952f1fc15e8c68898b3001c8be49cae1b3c8f1f8893a272b6f9ec0667481268a0bbe1285403d47f4185812f9b388553a66e258c
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos51:bxNrC7kYo1Fxf2rYJ
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2