40a968ec095e01624a5a39b6398381863e3786329e29bc0f12ebcb686aa6ba05 | Triage

Sharing

General

Target

202405244a2e467599fd3fe7157fe0de27adab20cryptolocker
Size

49KB
Sample

240525-z4835sbb95
MD5

4a2e467599fd3fe7157fe0de27adab20
SHA1

2513023b83500d91c6cc89e318a1e5a6b853f5ee
SHA256

40a968ec095e01624a5a39b6398381863e3786329e29bc0f12ebcb686aa6ba05
SHA512

ec0d94f58e2f25a13595e339d82a8c53b18848779f7672762570b8593afd3c383e215abc31527f99ad655bb1bce9e1d0ee57ba60519080fc1249472188e5a49d
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0nNX:vj+jsMQMOtEvwDpj5HczerLO04B8X

Score

7^/10

Malware Config

Targets

- Target
  
  202405244a2e467599fd3fe7157fe0de27adab20cryptolocker
- Size
  
  49KB
- MD5
  
  4a2e467599fd3fe7157fe0de27adab20
- SHA1
  
  2513023b83500d91c6cc89e318a1e5a6b853f5ee
- SHA256
  
  40a968ec095e01624a5a39b6398381863e3786329e29bc0f12ebcb686aa6ba05
- SHA512
  
  ec0d94f58e2f25a13595e339d82a8c53b18848779f7672762570b8593afd3c383e215abc31527f99ad655bb1bce9e1d0ee57ba60519080fc1249472188e5a49d
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0nNX:vj+jsMQMOtEvwDpj5HczerLO04B8X
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2