c89404527cf183c52474ddcac04a886b8fc9f6bb1c08a25f02cb55f00cb5a106 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-10_0c39061a5c65932402a932c504381843_cryptolocker
Size

38KB
Sample

240111-gf456sffgm
MD5

0c39061a5c65932402a932c504381843
SHA1

0adddaeedb6f33f841161f025793bb6d930de429
SHA256

c89404527cf183c52474ddcac04a886b8fc9f6bb1c08a25f02cb55f00cb5a106
SHA512

75e36d7e48e1db315bb353140c6efaf89fff9f1b77fab0d809d06a908ef56dfa178dcc2d3d1c6d4a5b08afae177381d5b02edf52f091f215807b9d58570f2783
SSDEEP

768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRx:m5nkFNMOtEvwDpjG8hhXj

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-10_0c39061a5c65932402a932c504381843_cryptolocker
- Size
  
  38KB
- MD5
  
  0c39061a5c65932402a932c504381843
- SHA1
  
  0adddaeedb6f33f841161f025793bb6d930de429
- SHA256
  
  c89404527cf183c52474ddcac04a886b8fc9f6bb1c08a25f02cb55f00cb5a106
- SHA512
  
  75e36d7e48e1db315bb353140c6efaf89fff9f1b77fab0d809d06a908ef56dfa178dcc2d3d1c6d4a5b08afae177381d5b02edf52f091f215807b9d58570f2783
- SSDEEP
  
  768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRx:m5nkFNMOtEvwDpjG8hhXj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2