656bed6542e23fca9d40dc8f7d7c04e6128ed3cc8a0eea2579f931f31d8c1737 | Triage

Sharing

General

Target

2024-01-06_583320ee13f1d2d1443ae48dec01196e_cryptolocker
Size

33KB
Sample

240107-pbwx1addfj
MD5

583320ee13f1d2d1443ae48dec01196e
SHA1

596fb1294b06ad6b3fcf54e69b7674122df30969
SHA256

656bed6542e23fca9d40dc8f7d7c04e6128ed3cc8a0eea2579f931f31d8c1737
SHA512

4dc538a5c3ae968cd7ee4fe138cdbd12e883dd61d01677ff8e2f589d1b4b55dd42844b76cfd63cbbfdc15ae8cee1bec9323a8814de4fa0ef56665f3723ffd7a6
SSDEEP

768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmod:qmbhXDmjr5MOtEvwDpj5cDd

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-06_583320ee13f1d2d1443ae48dec01196e_cryptolocker
- Size
  
  33KB
- MD5
  
  583320ee13f1d2d1443ae48dec01196e
- SHA1
  
  596fb1294b06ad6b3fcf54e69b7674122df30969
- SHA256
  
  656bed6542e23fca9d40dc8f7d7c04e6128ed3cc8a0eea2579f931f31d8c1737
- SHA512
  
  4dc538a5c3ae968cd7ee4fe138cdbd12e883dd61d01677ff8e2f589d1b4b55dd42844b76cfd63cbbfdc15ae8cee1bec9323a8814de4fa0ef56665f3723ffd7a6
- SSDEEP
  
  768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmod:qmbhXDmjr5MOtEvwDpj5cDd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2