def7c7bfb36a74eeb0c71eb09e83ec78d080413fc4d88ff49b246b53065e3c36 | Triage

Sharing

General

Target

2024-01-06_a91edbc4e60f307793513bce2fb50d4d_cryptolocker
Size

39KB
Sample

240107-pem49sedej
MD5

a91edbc4e60f307793513bce2fb50d4d
SHA1

1c10514500c29c073c7db2e419d13630296d3b22
SHA256

def7c7bfb36a74eeb0c71eb09e83ec78d080413fc4d88ff49b246b53065e3c36
SHA512

bc4e00c8d89ec2a91d2febd35320ddf8a5ed6aa58fb22547c09b9f88ce5df17f136ef82bce5ff61870a27686ca8c6597e4da8988fe519d47f0ec8cc62124e29f
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4tKM3Az5mF:vj+jsMQMOtEvwDpj5Ht13A4F

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-06_a91edbc4e60f307793513bce2fb50d4d_cryptolocker
- Size
  
  39KB
- MD5
  
  a91edbc4e60f307793513bce2fb50d4d
- SHA1
  
  1c10514500c29c073c7db2e419d13630296d3b22
- SHA256
  
  def7c7bfb36a74eeb0c71eb09e83ec78d080413fc4d88ff49b246b53065e3c36
- SHA512
  
  bc4e00c8d89ec2a91d2febd35320ddf8a5ed6aa58fb22547c09b9f88ce5df17f136ef82bce5ff61870a27686ca8c6597e4da8988fe519d47f0ec8cc62124e29f
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4tKM3Az5mF:vj+jsMQMOtEvwDpj5Ht13A4F
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2