aa1aed60565659c04fa4b04c3019af7f3e7e7e894dbb1cdc51de8577b424b8de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-01_c208962bda71c15eddeb577746346d3f_cryptolocker
Size

58KB
Sample

240105-gjjzeadeaq
MD5

c208962bda71c15eddeb577746346d3f
SHA1

040f00b536e78a597f9a6af61d83714d6ad755e4
SHA256

aa1aed60565659c04fa4b04c3019af7f3e7e7e894dbb1cdc51de8577b424b8de
SHA512

8b74721429b4d8043660dd3bd468bb4a57771c80ab451c0c9f8470aa9296c08a9cc1ade6fd7fd6c38bf84603c7eb2f8607bbb41cf147b962456f6e3acae96334
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMT7P:TCjsIOtEvwDpj5HE/OUHnSMo

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-01_c208962bda71c15eddeb577746346d3f_cryptolocker
- Size
  
  58KB
- MD5
  
  c208962bda71c15eddeb577746346d3f
- SHA1
  
  040f00b536e78a597f9a6af61d83714d6ad755e4
- SHA256
  
  aa1aed60565659c04fa4b04c3019af7f3e7e7e894dbb1cdc51de8577b424b8de
- SHA512
  
  8b74721429b4d8043660dd3bd468bb4a57771c80ab451c0c9f8470aa9296c08a9cc1ade6fd7fd6c38bf84603c7eb2f8607bbb41cf147b962456f6e3acae96334
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMT7P:TCjsIOtEvwDpj5HE/OUHnSMo
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2