9217d2287e0c4b15be3692596570a15cfbd0c9a56a3f49f455d5b7a61b7f00dd | Triage

Sharing

General

Target

2024-06-29_209883c88a13518a751c79a79fcf41cf_cryptolocker
Size

35KB
Sample

240629-asq1rawemd
MD5

209883c88a13518a751c79a79fcf41cf
SHA1

c11bd270735d4bd33742829bb33955467f6361a5
SHA256

9217d2287e0c4b15be3692596570a15cfbd0c9a56a3f49f455d5b7a61b7f00dd
SHA512

f539900998cb0a9ecc606f404c96104bc09d3f58d5c2d40b7e95cc1be1a9df335de58db7baf161549fb56c1a9f547fa820dbb39268eccebfa6c8314724c7e685
SSDEEP

384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGXvJF3SQ:bG74zYcgT/Ekd0ryfjkbCQ

Score

7^/10

Malware Config

Targets

- Target
  
  2024-06-29_209883c88a13518a751c79a79fcf41cf_cryptolocker
- Size
  
  35KB
- MD5
  
  209883c88a13518a751c79a79fcf41cf
- SHA1
  
  c11bd270735d4bd33742829bb33955467f6361a5
- SHA256
  
  9217d2287e0c4b15be3692596570a15cfbd0c9a56a3f49f455d5b7a61b7f00dd
- SHA512
  
  f539900998cb0a9ecc606f404c96104bc09d3f58d5c2d40b7e95cc1be1a9df335de58db7baf161549fb56c1a9f547fa820dbb39268eccebfa6c8314724c7e685
- SSDEEP
  
  384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGXvJF3SQ:bG74zYcgT/Ekd0ryfjkbCQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2