4947db4dc184c927b4cc879b1e79982d451e572113be41ee4dd233dc7d8caf28 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

202405211b3f1b13dddc19b9f3317998aaae8fc7cryptolocker
Size

64KB
Sample

240522-ft5hesch57
MD5

1b3f1b13dddc19b9f3317998aaae8fc7
SHA1

441ff48f15ec795c5d87f64c2718ca8074f9a7d4
SHA256

4947db4dc184c927b4cc879b1e79982d451e572113be41ee4dd233dc7d8caf28
SHA512

72e155fddbf021636f2de3d5a1279d9ed6dabcdbd1b7191551897432902c097de9dcde0b69c159478faea14dd48cdf6d34955b77164e04217277b520b80899d3
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMTIzYd:TCjsIOtEvwDpj5HE/OUHnSMe

Score

7^/10

Malware Config

Targets

- Target
  
  202405211b3f1b13dddc19b9f3317998aaae8fc7cryptolocker
- Size
  
  64KB
- MD5
  
  1b3f1b13dddc19b9f3317998aaae8fc7
- SHA1
  
  441ff48f15ec795c5d87f64c2718ca8074f9a7d4
- SHA256
  
  4947db4dc184c927b4cc879b1e79982d451e572113be41ee4dd233dc7d8caf28
- SHA512
  
  72e155fddbf021636f2de3d5a1279d9ed6dabcdbd1b7191551897432902c097de9dcde0b69c159478faea14dd48cdf6d34955b77164e04217277b520b80899d3
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMTIzYd:TCjsIOtEvwDpj5HE/OUHnSMe
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2