833413f0d0cc30c811f5c3122727df39ff419dfd4ee28a0ebca88a304e315186 | Triage

Sharing

General

Target

2024-07-10_11976b7f388e086fb580a5a3b987724e_cryptolocker
Size

50KB
Sample

240710-g5hy8s1gql
MD5

11976b7f388e086fb580a5a3b987724e
SHA1

73ccf58172698f1125a1c417fba769e5c802a772
SHA256

833413f0d0cc30c811f5c3122727df39ff419dfd4ee28a0ebca88a304e315186
SHA512

6a3c80aea3d2e7b359f0671b43e0e9afaf2a4e9a046fdabb0df163f0602ddd6493ad79248caf372c00599243fc294f8b861c4156098a3f2fe4f3bc48ad63120f
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0nn:vj+jsMQMOtEvwDpj5HczerLO04B0

Score

7^/10

Malware Config

Targets

- Target
  
  2024-07-10_11976b7f388e086fb580a5a3b987724e_cryptolocker
- Size
  
  50KB
- MD5
  
  11976b7f388e086fb580a5a3b987724e
- SHA1
  
  73ccf58172698f1125a1c417fba769e5c802a772
- SHA256
  
  833413f0d0cc30c811f5c3122727df39ff419dfd4ee28a0ebca88a304e315186
- SHA512
  
  6a3c80aea3d2e7b359f0671b43e0e9afaf2a4e9a046fdabb0df163f0602ddd6493ad79248caf372c00599243fc294f8b861c4156098a3f2fe4f3bc48ad63120f
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0nn:vj+jsMQMOtEvwDpj5HczerLO04B0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2