fac241300f20c30ebcf246d7d55bcc582928eba7eee230d4f30ebe65c43fb226 | Triage

Sharing

General

Target

2024-07-08_9be41a2cea15f68c6ddf967d91e02bac_cryptolocker
Size

50KB
Sample

240708-pskw3a1grd
MD5

9be41a2cea15f68c6ddf967d91e02bac
SHA1

e1d39162c2c960dff5aed4250343852c26f1117d
SHA256

fac241300f20c30ebcf246d7d55bcc582928eba7eee230d4f30ebe65c43fb226
SHA512

8235169dc4f8ed268292482eb3509d93f7434ee11cbe0eadd312590244e5d76f7abdb6b183cfed712b2de42eaf843a98b70ae27ad8db97dfc28e93b22bd9e74e
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0nDy:vj+jsMQMOtEvwDpj5HczerLO04BIy

Score

7^/10

Malware Config

Targets

- Target
  
  2024-07-08_9be41a2cea15f68c6ddf967d91e02bac_cryptolocker
- Size
  
  50KB
- MD5
  
  9be41a2cea15f68c6ddf967d91e02bac
- SHA1
  
  e1d39162c2c960dff5aed4250343852c26f1117d
- SHA256
  
  fac241300f20c30ebcf246d7d55bcc582928eba7eee230d4f30ebe65c43fb226
- SHA512
  
  8235169dc4f8ed268292482eb3509d93f7434ee11cbe0eadd312590244e5d76f7abdb6b183cfed712b2de42eaf843a98b70ae27ad8db97dfc28e93b22bd9e74e
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0nDy:vj+jsMQMOtEvwDpj5HczerLO04BIy
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2