884929ec7168ad5dc65aaab4bd3312b2e8335fb74ad564ae0bd2e02261af3690 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-24_45aebcc8df79c8a017b6bbff967c137e_cryptolocker
Size

45KB
Sample

240624-rtlabszfrq
MD5

45aebcc8df79c8a017b6bbff967c137e
SHA1

ac134a701f05962dfc73b5582d4b877115bea1b5
SHA256

884929ec7168ad5dc65aaab4bd3312b2e8335fb74ad564ae0bd2e02261af3690
SHA512

3dc3a4bbbc752c17c5ba201fa181a91aa76670adc4b18234be9362e5be81bfb73681270d3cb75cfd92b2dfd312866b949528256c31cea0554f21f3db43b4a7f1
SSDEEP

384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUk3b+NU:bm74zYcgT/EkM0ryfjd3WU

Score

7^/10

Malware Config

Targets

- Target
  
  2024-06-24_45aebcc8df79c8a017b6bbff967c137e_cryptolocker
- Size
  
  45KB
- MD5
  
  45aebcc8df79c8a017b6bbff967c137e
- SHA1
  
  ac134a701f05962dfc73b5582d4b877115bea1b5
- SHA256
  
  884929ec7168ad5dc65aaab4bd3312b2e8335fb74ad564ae0bd2e02261af3690
- SHA512
  
  3dc3a4bbbc752c17c5ba201fa181a91aa76670adc4b18234be9362e5be81bfb73681270d3cb75cfd92b2dfd312866b949528256c31cea0554f21f3db43b4a7f1
- SSDEEP
  
  384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUk3b+NU:bm74zYcgT/EkM0ryfjd3WU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2