966056fea53097ae4e3818e89005ecfd11ab0f4ce53684522011bf4d5befe74e | Triage

Sharing

General

Target

2024-06-06_62ff79bc30ba3135d7006d1d147a36b9_cryptolocker
Size

33KB
Sample

240606-yezmqsca84
MD5

62ff79bc30ba3135d7006d1d147a36b9
SHA1

60540b83b8795d6005ff90256f4fc7198ee1cd23
SHA256

966056fea53097ae4e3818e89005ecfd11ab0f4ce53684522011bf4d5befe74e
SHA512

375adef8847703a9580cd7a22039e29d16e3af56f1aad74f6ec4c000d0c4af6a012c91fab44b1627e05d3995d2c47d87edacb1f0fd847bc7e1fb61cf0bcb9ed5
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7S4:bAvJCYOOvbRPDEgXRcJu4

Score

10^/10

Malware Config

Targets

- Target
  
  2024-06-06_62ff79bc30ba3135d7006d1d147a36b9_cryptolocker
- Size
  
  33KB
- MD5
  
  62ff79bc30ba3135d7006d1d147a36b9
- SHA1
  
  60540b83b8795d6005ff90256f4fc7198ee1cd23
- SHA256
  
  966056fea53097ae4e3818e89005ecfd11ab0f4ce53684522011bf4d5befe74e
- SHA512
  
  375adef8847703a9580cd7a22039e29d16e3af56f1aad74f6ec4c000d0c4af6a012c91fab44b1627e05d3995d2c47d87edacb1f0fd847bc7e1fb61cf0bcb9ed5
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7S4:bAvJCYOOvbRPDEgXRcJu4
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2