92eb03f8c1c9961dfb93cf821615d57996c996f8a9b5b4850e4126a83b8ffb42 | Triage

Sharing

General

Target

2024-06-05_540f7f42d97677835b296ea8ccfe283b_cryptolocker
Size

34KB
Sample

240605-e5cq4seb8t
MD5

540f7f42d97677835b296ea8ccfe283b
SHA1

891cb81efcc15770f82da0ac46d4563ef97e01e9
SHA256

92eb03f8c1c9961dfb93cf821615d57996c996f8a9b5b4850e4126a83b8ffb42
SHA512

35eb881dcbe231f9511bf184cd97fe1474d331b03426e01a7998ac6569f3eeb3e1d281ee675030e97b8215153887e6a838a9b2820c5562bf1b0d069f5388c4bb
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5jd+aJ:bxNrC7kYo1Fxf2rYPsi

Score

10^/10

Malware Config

Targets

- Target
  
  2024-06-05_540f7f42d97677835b296ea8ccfe283b_cryptolocker
- Size
  
  34KB
- MD5
  
  540f7f42d97677835b296ea8ccfe283b
- SHA1
  
  891cb81efcc15770f82da0ac46d4563ef97e01e9
- SHA256
  
  92eb03f8c1c9961dfb93cf821615d57996c996f8a9b5b4850e4126a83b8ffb42
- SHA512
  
  35eb881dcbe231f9511bf184cd97fe1474d331b03426e01a7998ac6569f3eeb3e1d281ee675030e97b8215153887e6a838a9b2820c5562bf1b0d069f5388c4bb
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5jd+aJ:bxNrC7kYo1Fxf2rYPsi
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2