a594458be002964faeb265cd983649da127b795e92d0bf1f2ce359693f2ed291 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20240615a1af3f97d301f9f381cd9ac1d9861f21cryptolocker.exe
Size

47KB
Sample

240615-vnrfyayane
MD5

a1af3f97d301f9f381cd9ac1d9861f21
SHA1

d5ae9101fcf1d767984539ff0014f0341b88a4b1
SHA256

a594458be002964faeb265cd983649da127b795e92d0bf1f2ce359693f2ed291
SHA512

76b81eed9239eceb75f52082753ab0b6e5eb6d6978639de231e50bbf535a3660a5f7f8ed7b48f7fae5606c27ecc221872067c444251f0800ace151aa8290f953
SSDEEP

384:e/4wODQkzonAYsju5N/surDQtOOtEvwDpjqIGROqS/WccJVJwi2B5oCCM8CLW2Vp:79inqyNR/QtOOtEvwDpjBKccJVODvy3Y

Score

7^/10

Malware Config

Targets

- Target
  
  20240615a1af3f97d301f9f381cd9ac1d9861f21cryptolocker.exe
- Size
  
  47KB
- MD5
  
  a1af3f97d301f9f381cd9ac1d9861f21
- SHA1
  
  d5ae9101fcf1d767984539ff0014f0341b88a4b1
- SHA256
  
  a594458be002964faeb265cd983649da127b795e92d0bf1f2ce359693f2ed291
- SHA512
  
  76b81eed9239eceb75f52082753ab0b6e5eb6d6978639de231e50bbf535a3660a5f7f8ed7b48f7fae5606c27ecc221872067c444251f0800ace151aa8290f953
- SSDEEP
  
  384:e/4wODQkzonAYsju5N/surDQtOOtEvwDpjqIGROqS/WccJVJwi2B5oCCM8CLW2Vp:79inqyNR/QtOOtEvwDpjBKccJVODvy3Y
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2