755c4b2f88a23980f7c2575183c38c87a1ba4eeedc7e40543a22bb04aea207b3 | Triage

Sharing

General

Target

2024-01-09_c308eb4f4aec70b51f6159d350deef04_cryptolocker
Size

32KB
Sample

240110-gqt3yshcbp
MD5

c308eb4f4aec70b51f6159d350deef04
SHA1

d5db9d5ac929f1750416f7f60d5160e367de3fce
SHA256

755c4b2f88a23980f7c2575183c38c87a1ba4eeedc7e40543a22bb04aea207b3
SHA512

201cc354439207ea1bb2ff96288881be79620c99ec64dc622b974eb893236eeef19874fbcabf94f5365067b1e167ad1a80e2a77db01131bc6375054d4928d019
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStwIoIQ+dHd9PRG:b/yC4GyNM01GuQMNXw2PSjS2uvdHd90

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-01-09_c308eb4f4aec70b51f6159d350deef04_cryptolocker
- Size
  
  32KB
- MD5
  
  c308eb4f4aec70b51f6159d350deef04
- SHA1
  
  d5db9d5ac929f1750416f7f60d5160e367de3fce
- SHA256
  
  755c4b2f88a23980f7c2575183c38c87a1ba4eeedc7e40543a22bb04aea207b3
- SHA512
  
  201cc354439207ea1bb2ff96288881be79620c99ec64dc622b974eb893236eeef19874fbcabf94f5365067b1e167ad1a80e2a77db01131bc6375054d4928d019
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStwIoIQ+dHd9PRG:b/yC4GyNM01GuQMNXw2PSjS2uvdHd90
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2