4c36c579ba0171202f7239f039098caf70e0bb6402d6813f051aa5f64e50b3f3 | Triage

Sharing

General

Target

2024-01-03_028a6a1c3205aa494f9edd8c3d500b16_cryptolocker
Size

45KB
Sample

240104-sltr6sdcb9
MD5

028a6a1c3205aa494f9edd8c3d500b16
SHA1

d497171c91710a79267d38f1937a6bf7a4a8cdd7
SHA256

4c36c579ba0171202f7239f039098caf70e0bb6402d6813f051aa5f64e50b3f3
SHA512

154f764f12dfcdcad5ba3834995a6dd29d0df25fa8c229a64f301ce391944fcf1b507e5e5e952b2b05041aa882e6b31233fa629dde4ac25345a5518a47f39fd9
SSDEEP

768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6D8jnPxyV4tF3zSLh:bIDOw9a0Dwo3P1ojvUSD4PRtF3zSLh

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-03_028a6a1c3205aa494f9edd8c3d500b16_cryptolocker
- Size
  
  45KB
- MD5
  
  028a6a1c3205aa494f9edd8c3d500b16
- SHA1
  
  d497171c91710a79267d38f1937a6bf7a4a8cdd7
- SHA256
  
  4c36c579ba0171202f7239f039098caf70e0bb6402d6813f051aa5f64e50b3f3
- SHA512
  
  154f764f12dfcdcad5ba3834995a6dd29d0df25fa8c229a64f301ce391944fcf1b507e5e5e952b2b05041aa882e6b31233fa629dde4ac25345a5518a47f39fd9
- SSDEEP
  
  768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6D8jnPxyV4tF3zSLh:bIDOw9a0Dwo3P1ojvUSD4PRtF3zSLh
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2