915c7f4c250059f9bee86ffe310d143aab2563863550f849d41044214f1ed008 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-03_512c44841812dc94ac40fe3820013db2_cryptolocker
Size

61KB
Sample

240104-smnybadeh3
MD5

512c44841812dc94ac40fe3820013db2
SHA1

52457eb66e8da469ace9d22a6dff1dbe74528c04
SHA256

915c7f4c250059f9bee86ffe310d143aab2563863550f849d41044214f1ed008
SHA512

58eff33b3fecc7fd5f8c7dffd9f96834990f6785dc5a4335175126ae714d0b61ac5b3d3bb829e3a67ab207bbb4dfe3e7b33480dd0a96a120583a3e22cf487b7e
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/RvDQeduJHqqnz10Lhb:ZzFbxmLPWQMOtEvwDpj386Sj/RsB0Cw

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-03_512c44841812dc94ac40fe3820013db2_cryptolocker
- Size
  
  61KB
- MD5
  
  512c44841812dc94ac40fe3820013db2
- SHA1
  
  52457eb66e8da469ace9d22a6dff1dbe74528c04
- SHA256
  
  915c7f4c250059f9bee86ffe310d143aab2563863550f849d41044214f1ed008
- SHA512
  
  58eff33b3fecc7fd5f8c7dffd9f96834990f6785dc5a4335175126ae714d0b61ac5b3d3bb829e3a67ab207bbb4dfe3e7b33480dd0a96a120583a3e22cf487b7e
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/RvDQeduJHqqnz10Lhb:ZzFbxmLPWQMOtEvwDpj386Sj/RsB0Cw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2