4b76b6587c3dd54aecd8225f56b1cc0f05623a1d163c5a9c8381da9b4a7a6d00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-10_597b65f1da01f73b685fc58724f83157_cryptolocker
Size

38KB
Sample

240111-gjnmlahdg4
MD5

597b65f1da01f73b685fc58724f83157
SHA1

615b65f16dec2b6b31a2e3fda7be6a29e2875b92
SHA256

4b76b6587c3dd54aecd8225f56b1cc0f05623a1d163c5a9c8381da9b4a7a6d00
SHA512

10c7de3890428255994cbecbc02cb17eb79fe2680e57d817e02e81663affbae57ae6b46eb6ac0d65df7aee09901718e14b4d5d349c25b92bda9ccb265caebf2b
SSDEEP

384:bgX4uGLLQRcsdeQ7/nQu63Ag7YmecFanrlwfjDUkKDfWf0w3sp8u5co9+rXek:bgX4zYcgTEu6QOaryfjqDDw3sCu5b+rh

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-10_597b65f1da01f73b685fc58724f83157_cryptolocker
- Size
  
  38KB
- MD5
  
  597b65f1da01f73b685fc58724f83157
- SHA1
  
  615b65f16dec2b6b31a2e3fda7be6a29e2875b92
- SHA256
  
  4b76b6587c3dd54aecd8225f56b1cc0f05623a1d163c5a9c8381da9b4a7a6d00
- SHA512
  
  10c7de3890428255994cbecbc02cb17eb79fe2680e57d817e02e81663affbae57ae6b46eb6ac0d65df7aee09901718e14b4d5d349c25b92bda9ccb265caebf2b
- SSDEEP
  
  384:bgX4uGLLQRcsdeQ7/nQu63Ag7YmecFanrlwfjDUkKDfWf0w3sp8u5co9+rXek:bgX4zYcgTEu6QOaryfjqDDw3sCu5b+rh
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2