254dd80deeb26d65964db37a472d247c28af029300e67596d2c53a8f2698d17f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-08_896c91168a357b46384ffd96f65320cb_cryptolocker
Size

35KB
Sample

240109-hhehzaeabr
MD5

896c91168a357b46384ffd96f65320cb
SHA1

1b452fc86919249038240a8e87843074320fe51d
SHA256

254dd80deeb26d65964db37a472d247c28af029300e67596d2c53a8f2698d17f
SHA512

3425cca3b2d7c05fc781496aaa28307c40a1d73d9385037273bccf9f9e4a5adc78478316e4d1660c34f0b67676fc45bedc4c62bf2f5fb74e003bfd8efedbb5e5
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg1tsJ6zeen754XcD:bxNrC7kYo1Fxf3s05rD

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-08_896c91168a357b46384ffd96f65320cb_cryptolocker
- Size
  
  35KB
- MD5
  
  896c91168a357b46384ffd96f65320cb
- SHA1
  
  1b452fc86919249038240a8e87843074320fe51d
- SHA256
  
  254dd80deeb26d65964db37a472d247c28af029300e67596d2c53a8f2698d17f
- SHA512
  
  3425cca3b2d7c05fc781496aaa28307c40a1d73d9385037273bccf9f9e4a5adc78478316e4d1660c34f0b67676fc45bedc4c62bf2f5fb74e003bfd8efedbb5e5
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg1tsJ6zeen754XcD:bxNrC7kYo1Fxf3s05rD
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2