50589eae7bf4cc8b6e1b63746dea08d3f5459ea13e5fdacb07e97d78c16da180 | Triage

Sharing

General

Target

2024-08-11_780045ee0a0a12f09977ba8ee11fe628_cryptolocker
Size

392KB
Sample

240811-ys84bsvhqm
MD5

780045ee0a0a12f09977ba8ee11fe628
SHA1

b9e071911dd5ec791f362a2919fed1c36014bdc5
SHA256

50589eae7bf4cc8b6e1b63746dea08d3f5459ea13e5fdacb07e97d78c16da180
SHA512

9f5fb876c4489cd3b1ffeb5a294a74aa14fa3a8f120c669654c9ea80f35d2114bd3cf8ed1f83e3cb9edd58fb7f4d9133b85eea67c5b03f17052876b712af6c25
SSDEEP

6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzXRZ:nnOflT/ZFIjBz3xjTxynGUOUhXRZ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-11_780045ee0a0a12f09977ba8ee11fe628_cryptolocker
- Size
  
  392KB
- MD5
  
  780045ee0a0a12f09977ba8ee11fe628
- SHA1
  
  b9e071911dd5ec791f362a2919fed1c36014bdc5
- SHA256
  
  50589eae7bf4cc8b6e1b63746dea08d3f5459ea13e5fdacb07e97d78c16da180
- SHA512
  
  9f5fb876c4489cd3b1ffeb5a294a74aa14fa3a8f120c669654c9ea80f35d2114bd3cf8ed1f83e3cb9edd58fb7f4d9133b85eea67c5b03f17052876b712af6c25
- SSDEEP
  
  6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzXRZ:nnOflT/ZFIjBz3xjTxynGUOUhXRZ
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2