0872ade8196ada4233e8cde9dce16d0daff0d9f7e1e837cdb97d16f293783338 | Triage

Sharing

General

Target

2024-07-24_6f8e52c6032abd18cd6f1384394286d3_cryptolocker
Size

72KB
Sample

240724-gtdkda1fpn
MD5

6f8e52c6032abd18cd6f1384394286d3
SHA1

cb64fe0af6c4c61819738d7e223587c922f2de78
SHA256

0872ade8196ada4233e8cde9dce16d0daff0d9f7e1e837cdb97d16f293783338
SHA512

a8ad9ba7a80831f54117a11f504fa3b6b8d7b422dbea22ad0391aa32a55c136c246bc4a7e35fa772b6e8341a6edbbd6dd09b3fd0d7c08d4659e2827e0c089a0b
SSDEEP

1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKUNZO5+:DW60sllyWOtEvwDpjwF85b

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-07-24_6f8e52c6032abd18cd6f1384394286d3_cryptolocker
- Size
  
  72KB
- MD5
  
  6f8e52c6032abd18cd6f1384394286d3
- SHA1
  
  cb64fe0af6c4c61819738d7e223587c922f2de78
- SHA256
  
  0872ade8196ada4233e8cde9dce16d0daff0d9f7e1e837cdb97d16f293783338
- SHA512
  
  a8ad9ba7a80831f54117a11f504fa3b6b8d7b422dbea22ad0391aa32a55c136c246bc4a7e35fa772b6e8341a6edbbd6dd09b3fd0d7c08d4659e2827e0c089a0b
- SSDEEP
  
  1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKUNZO5+:DW60sllyWOtEvwDpjwF85b
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2