4c358ea6db90a6c0659e2a3d183f98acf657b8f114bd5df58ae289f54e998eca | Triage

Sharing

General

Target

2024-08-12_f5f665a1685ae5af4da0c5ba81d9b593_cryptolocker
Size

113KB
Sample

240812-hwfcesvcka
MD5

f5f665a1685ae5af4da0c5ba81d9b593
SHA1

71e72f5ddc9998ef7534fa89ec7ffb8b4c351732
SHA256

4c358ea6db90a6c0659e2a3d183f98acf657b8f114bd5df58ae289f54e998eca
SHA512

e71efe043f3995c6513bf5b6cea79e27f1d5530460f639a4ba0e43fd6c0809bff4d3b4fd5533521f25003a8c7ac81f7e1267606786cc05fe5879787c89a53daa
SSDEEP

1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwNuj2GQi8b/xv4TSeA9+zmnwF:V6a+pOtEvwDpjtzg

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-12_f5f665a1685ae5af4da0c5ba81d9b593_cryptolocker
- Size
  
  113KB
- MD5
  
  f5f665a1685ae5af4da0c5ba81d9b593
- SHA1
  
  71e72f5ddc9998ef7534fa89ec7ffb8b4c351732
- SHA256
  
  4c358ea6db90a6c0659e2a3d183f98acf657b8f114bd5df58ae289f54e998eca
- SHA512
  
  e71efe043f3995c6513bf5b6cea79e27f1d5530460f639a4ba0e43fd6c0809bff4d3b4fd5533521f25003a8c7ac81f7e1267606786cc05fe5879787c89a53daa
- SSDEEP
  
  1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwNuj2GQi8b/xv4TSeA9+zmnwF:V6a+pOtEvwDpjtzg
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2