363708688134ada6fd89a9f1bf78d329a468ddeaeea4e3c6cfd6f2a1717c4c0a | Triage

Sharing

General

Target

2024-01-01_11732506be1717d524fa6d3f7e33500b_cryptolocker
Size

30KB
Sample

240105-gbp6fsbbck
MD5

11732506be1717d524fa6d3f7e33500b
SHA1

299b832d7e955ba129d6c2f548845d0359cadc5d
SHA256

363708688134ada6fd89a9f1bf78d329a468ddeaeea4e3c6cfd6f2a1717c4c0a
SHA512

e7487f401233aa46e8f6b948c20f78586c09b7c52ab473ba4103552568e4d9082fbe4955d640a37e86ee2c203838e92a822a7a60ba5a1eb51b38d38faabba118
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznB:b/yC4GyNM01GuQMNXw2PSjB

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-01-01_11732506be1717d524fa6d3f7e33500b_cryptolocker
- Size
  
  30KB
- MD5
  
  11732506be1717d524fa6d3f7e33500b
- SHA1
  
  299b832d7e955ba129d6c2f548845d0359cadc5d
- SHA256
  
  363708688134ada6fd89a9f1bf78d329a468ddeaeea4e3c6cfd6f2a1717c4c0a
- SHA512
  
  e7487f401233aa46e8f6b948c20f78586c09b7c52ab473ba4103552568e4d9082fbe4955d640a37e86ee2c203838e92a822a7a60ba5a1eb51b38d38faabba118
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznB:b/yC4GyNM01GuQMNXw2PSjB
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2