87c90d4dc3d0897bb632926b47804e070181a645bea817ed823dba498665fee2 | Triage

Sharing

General

Target

2024-01-06_991663f006fd52ff7ed40b190f47f8cf_cryptolocker
Size

32KB
Sample

240107-pd344afbh6
MD5

991663f006fd52ff7ed40b190f47f8cf
SHA1

fb768c7e137ad1e454836a7fe52f2847b9667655
SHA256

87c90d4dc3d0897bb632926b47804e070181a645bea817ed823dba498665fee2
SHA512

d4cc95361de6b5ca067ea963f5bb7fd660f127edd952221e8e890dd72ba2e4fd43b53be3a3daa2500efa02dbd3ddc60e4560576b07d417e701d4d42a68195a63
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AmflxB:b/yC4GyNM01GuQMNXw2PSjHWzB

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-01-06_991663f006fd52ff7ed40b190f47f8cf_cryptolocker
- Size
  
  32KB
- MD5
  
  991663f006fd52ff7ed40b190f47f8cf
- SHA1
  
  fb768c7e137ad1e454836a7fe52f2847b9667655
- SHA256
  
  87c90d4dc3d0897bb632926b47804e070181a645bea817ed823dba498665fee2
- SHA512
  
  d4cc95361de6b5ca067ea963f5bb7fd660f127edd952221e8e890dd72ba2e4fd43b53be3a3daa2500efa02dbd3ddc60e4560576b07d417e701d4d42a68195a63
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AmflxB:b/yC4GyNM01GuQMNXw2PSjHWzB
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2