649053328aee94049d367e57f49ed06df515d0cf97c1b5194745919894146130 | Triage

Sharing

General

Target

2024-07-26_4be4d5754e3b1e98ac0a44380d7fef28_cryptolocker
Size

72KB
Sample

240726-1ptwcawhrm
MD5

4be4d5754e3b1e98ac0a44380d7fef28
SHA1

05a302fd4cabcb35823b99f9442bbf3ca5ce6c79
SHA256

649053328aee94049d367e57f49ed06df515d0cf97c1b5194745919894146130
SHA512

1c623d75e01d0d52ebc33ea521addfd2d5ec35f52a38f2528e832c607bbf1359cdf5c130d469107919b45bc64c28e34575a96c04b51d6b36cc40312a177670c3
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Rp:vj+jsMQMOtEvwDpj5HZYTjipvF24x

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-07-26_4be4d5754e3b1e98ac0a44380d7fef28_cryptolocker
- Size
  
  72KB
- MD5
  
  4be4d5754e3b1e98ac0a44380d7fef28
- SHA1
  
  05a302fd4cabcb35823b99f9442bbf3ca5ce6c79
- SHA256
  
  649053328aee94049d367e57f49ed06df515d0cf97c1b5194745919894146130
- SHA512
  
  1c623d75e01d0d52ebc33ea521addfd2d5ec35f52a38f2528e832c607bbf1359cdf5c130d469107919b45bc64c28e34575a96c04b51d6b36cc40312a177670c3
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Rp:vj+jsMQMOtEvwDpj5HZYTjipvF24x
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2