c673111b2c14572df712eaa33671777b8228d521924474d66a718a595f8b96c7 | Triage

Sharing

General

Target

2024-08-14_9266a7779c3874a0704c8f612cfe7a8d_cryptolocker
Size

40KB
Sample

240814-mrlqvsxfkg
MD5

9266a7779c3874a0704c8f612cfe7a8d
SHA1

33dc0388979c26271229a0c9dc05bf8e5dc2e77d
SHA256

c673111b2c14572df712eaa33671777b8228d521924474d66a718a595f8b96c7
SHA512

14d23721f95bc89b3a98d4f58714272b53cb7b3eb2ca578c3865bf0122676ead2897f97e856483b1fed8f8079f658ee7e3b51ce77d720da80f93d89d9a943bc1
SSDEEP

768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4qRV:fT+hsMQMOtEvwDpjoIHM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-14_9266a7779c3874a0704c8f612cfe7a8d_cryptolocker
- Size
  
  40KB
- MD5
  
  9266a7779c3874a0704c8f612cfe7a8d
- SHA1
  
  33dc0388979c26271229a0c9dc05bf8e5dc2e77d
- SHA256
  
  c673111b2c14572df712eaa33671777b8228d521924474d66a718a595f8b96c7
- SHA512
  
  14d23721f95bc89b3a98d4f58714272b53cb7b3eb2ca578c3865bf0122676ead2897f97e856483b1fed8f8079f658ee7e3b51ce77d720da80f93d89d9a943bc1
- SSDEEP
  
  768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4qRV:fT+hsMQMOtEvwDpjoIHM
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2