e11cbea4592cf1807cd6b968c08d0a3fd8b28ebae35584c487a5b0cbc5c78bc2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-01_82d41ed51638b7328bba019c26b822cd_cryptolocker
Size

38KB
Sample

240105-gfyy6acfal
MD5

82d41ed51638b7328bba019c26b822cd
SHA1

ccee89e67c6d8703ea379118607d03ffc12a554e
SHA256

e11cbea4592cf1807cd6b968c08d0a3fd8b28ebae35584c487a5b0cbc5c78bc2
SHA512

ad33b902318b23105e7ecec065e6bedeabfd62f1b27fdfac78de7faada2aa7f7815a9ce17b87788559232312244a35a9e0a4e683c090b7233ed7bd74befd714b
SSDEEP

384:e/4wODQkzonAYsju5N/surDQtOOtEvwDpjqIGROqS/Wcz0BVFLk:79inqyNR/QtOOtEvwDpjBKcmTk

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-01_82d41ed51638b7328bba019c26b822cd_cryptolocker
- Size
  
  38KB
- MD5
  
  82d41ed51638b7328bba019c26b822cd
- SHA1
  
  ccee89e67c6d8703ea379118607d03ffc12a554e
- SHA256
  
  e11cbea4592cf1807cd6b968c08d0a3fd8b28ebae35584c487a5b0cbc5c78bc2
- SHA512
  
  ad33b902318b23105e7ecec065e6bedeabfd62f1b27fdfac78de7faada2aa7f7815a9ce17b87788559232312244a35a9e0a4e683c090b7233ed7bd74befd714b
- SSDEEP
  
  384:e/4wODQkzonAYsju5N/surDQtOOtEvwDpjqIGROqS/Wcz0BVFLk:79inqyNR/QtOOtEvwDpjBKcmTk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2