94306b84645d1bd8e776dca1c2df084f05e2cdc7d2e4c58d0c946a9560aec188 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-08_a4d611b3681944596d238380b2c5742e_cryptolocker
Size

36KB
Sample

240109-hjd9laefhp
MD5

a4d611b3681944596d238380b2c5742e
SHA1

d3473582f4950c39f06f23719d5be2b86a54468e
SHA256

94306b84645d1bd8e776dca1c2df084f05e2cdc7d2e4c58d0c946a9560aec188
SHA512

8c2af56869267c5fc37067ed5fdae4de50aacf0ae959f3061401a1fa0686f4b9cfcc6067738e93d9628f073b378306d02589971f56af01f09e312c8ea8d0824b
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3Nb/mVih:bAvJCYOOvbRPDEgXrNekd7l94i3p/f

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-08_a4d611b3681944596d238380b2c5742e_cryptolocker
- Size
  
  36KB
- MD5
  
  a4d611b3681944596d238380b2c5742e
- SHA1
  
  d3473582f4950c39f06f23719d5be2b86a54468e
- SHA256
  
  94306b84645d1bd8e776dca1c2df084f05e2cdc7d2e4c58d0c946a9560aec188
- SHA512
  
  8c2af56869267c5fc37067ed5fdae4de50aacf0ae959f3061401a1fa0686f4b9cfcc6067738e93d9628f073b378306d02589971f56af01f09e312c8ea8d0824b
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3Nb/mVih:bAvJCYOOvbRPDEgXrNekd7l94i3p/f
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2