23b992c583d1943858e0ee1799796608542f8b91379f7ec463b210965cba619e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-10_f54edb521d065670f7a183d04740f48f_cryptolocker
Size

30KB
Sample

240810-evlk9svgrk
MD5

f54edb521d065670f7a183d04740f48f
SHA1

4448a1991121f94f654d70e4d002e4def828f687
SHA256

23b992c583d1943858e0ee1799796608542f8b91379f7ec463b210965cba619e
SHA512

d6088f79f3bfb38cb80dd0eecd99494c0c3c419c4e90f2cd6ecae9f05b81f27fcde07a856868c24b48e4ffe2c0b4d0c97717dff19eb473f6692f30908ffce480
SSDEEP

384:v0VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26Rsn1rCcOQtOOtEvwDpjqIGRS/Vb9hV:vQz7yVEhs9+js1SQtOOtEvwDpjz9+9W

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-10_f54edb521d065670f7a183d04740f48f_cryptolocker
- Size
  
  30KB
- MD5
  
  f54edb521d065670f7a183d04740f48f
- SHA1
  
  4448a1991121f94f654d70e4d002e4def828f687
- SHA256
  
  23b992c583d1943858e0ee1799796608542f8b91379f7ec463b210965cba619e
- SHA512
  
  d6088f79f3bfb38cb80dd0eecd99494c0c3c419c4e90f2cd6ecae9f05b81f27fcde07a856868c24b48e4ffe2c0b4d0c97717dff19eb473f6692f30908ffce480
- SSDEEP
  
  384:v0VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26Rsn1rCcOQtOOtEvwDpjqIGRS/Vb9hV:vQz7yVEhs9+js1SQtOOtEvwDpjz9+9W
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2