88e11fcc6ec15c592db95fbd7d0005675041fb5c9a3770e86a62f38c3d4a2c94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-09_adcf2315f8b460e1988bf5f49bf26b2f_cryptolocker
Size

34KB
Sample

240110-gp5s3ahaak
MD5

adcf2315f8b460e1988bf5f49bf26b2f
SHA1

2c9d5e2532fe954fb752cc00b4e5f6a0fc08d872
SHA256

88e11fcc6ec15c592db95fbd7d0005675041fb5c9a3770e86a62f38c3d4a2c94
SHA512

6a2ff6e10fbec357b84cf3ee80a43caf2d8f4311d7dd50749c222e469d521105102cb3f1dbcd99023c3639ef81af84d9bcd3dd7baa3aa7c811f9b4c8d8b89b74
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzogFzpjufAq18st8O:bAvJCYOOvbRPDEgXVFzpCYVe

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-09_adcf2315f8b460e1988bf5f49bf26b2f_cryptolocker
- Size
  
  34KB
- MD5
  
  adcf2315f8b460e1988bf5f49bf26b2f
- SHA1
  
  2c9d5e2532fe954fb752cc00b4e5f6a0fc08d872
- SHA256
  
  88e11fcc6ec15c592db95fbd7d0005675041fb5c9a3770e86a62f38c3d4a2c94
- SHA512
  
  6a2ff6e10fbec357b84cf3ee80a43caf2d8f4311d7dd50749c222e469d521105102cb3f1dbcd99023c3639ef81af84d9bcd3dd7baa3aa7c811f9b4c8d8b89b74
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzogFzpjufAq18st8O:bAvJCYOOvbRPDEgXVFzpCYVe
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2