3200d746d5cee5aaf834baec4fcceb2928d154c0dfdb981d5941638853389c9f | Triage

Sharing

General

Target

2024-07-27_052768b99c0ebf7ed32789ba8e37acb8_cryptolocker
Size

49KB
Sample

240727-g4ev7avaph
MD5

052768b99c0ebf7ed32789ba8e37acb8
SHA1

d8c43f24a08310557c32257267a293e7ba41bcae
SHA256

3200d746d5cee5aaf834baec4fcceb2928d154c0dfdb981d5941638853389c9f
SHA512

b4c03365875ef03f765d4fdf5e256a847618742c51594cd465a8162a948ebd700abe493ec8bd3167cb36f5102b61855c148cd0915a54c5d1775bde329a9acc64
SSDEEP

384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/74zpzP:XS5nQJ24LR1bytOOtEvwDpjNbP/0Geht

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-07-27_052768b99c0ebf7ed32789ba8e37acb8_cryptolocker
- Size
  
  49KB
- MD5
  
  052768b99c0ebf7ed32789ba8e37acb8
- SHA1
  
  d8c43f24a08310557c32257267a293e7ba41bcae
- SHA256
  
  3200d746d5cee5aaf834baec4fcceb2928d154c0dfdb981d5941638853389c9f
- SHA512
  
  b4c03365875ef03f765d4fdf5e256a847618742c51594cd465a8162a948ebd700abe493ec8bd3167cb36f5102b61855c148cd0915a54c5d1775bde329a9acc64
- SSDEEP
  
  384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/74zpzP:XS5nQJ24LR1bytOOtEvwDpjNbP/0Geht
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2