2308fb0d45cbf9d42adc76d85296ffe635dc9b5aac862710e1bcd874caff33e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-14_61ef1072e9be50d5c233f7d7f5b7a566_cryptolocker
Size

73KB
Sample

240814-tw4wka1gnd
MD5

61ef1072e9be50d5c233f7d7f5b7a566
SHA1

d3f6361beb2ccaaf0c6a62708ab8900475d9c69d
SHA256

2308fb0d45cbf9d42adc76d85296ffe635dc9b5aac862710e1bcd874caff33e5
SHA512

b58f600b10757fd0de60b6c2d5958d3768314680e28fb19ba61b806268aa8f62b08f881677ddeeb437ee839fa5aad40a2e3a8652a6b7d8360d159e83e33dcd06
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Ru:vj+jsMQMOtEvwDpj5HZYTjipvF24pU

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-14_61ef1072e9be50d5c233f7d7f5b7a566_cryptolocker
- Size
  
  73KB
- MD5
  
  61ef1072e9be50d5c233f7d7f5b7a566
- SHA1
  
  d3f6361beb2ccaaf0c6a62708ab8900475d9c69d
- SHA256
  
  2308fb0d45cbf9d42adc76d85296ffe635dc9b5aac862710e1bcd874caff33e5
- SHA512
  
  b58f600b10757fd0de60b6c2d5958d3768314680e28fb19ba61b806268aa8f62b08f881677ddeeb437ee839fa5aad40a2e3a8652a6b7d8360d159e83e33dcd06
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Ru:vj+jsMQMOtEvwDpj5HZYTjipvF24pU
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2