654fd7ad55037105e1ee0789870f4127d3ed65197a2d1f974f3ec9a225e729b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-16_df5d2a3e1665bb3f34e90287f7613098_cryptolocker
Size

73KB
Sample

240816-3s54wsvcpf
MD5

df5d2a3e1665bb3f34e90287f7613098
SHA1

300f8f1f244e2d19ec19314ffd3c8e9bade8843e
SHA256

654fd7ad55037105e1ee0789870f4127d3ed65197a2d1f974f3ec9a225e729b0
SHA512

8c70a88e20f5bad7f4f3887b086bc90b740094fed388080dcbcf5bf10823a3a0bec2e1d78364f232f76a34cd98466f5c0386d8e17ae86cf0d2f21f62a604515c
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/R7:vj+jsMQMOtEvwDpj5HZYTjipvF24GI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-16_df5d2a3e1665bb3f34e90287f7613098_cryptolocker
- Size
  
  73KB
- MD5
  
  df5d2a3e1665bb3f34e90287f7613098
- SHA1
  
  300f8f1f244e2d19ec19314ffd3c8e9bade8843e
- SHA256
  
  654fd7ad55037105e1ee0789870f4127d3ed65197a2d1f974f3ec9a225e729b0
- SHA512
  
  8c70a88e20f5bad7f4f3887b086bc90b740094fed388080dcbcf5bf10823a3a0bec2e1d78364f232f76a34cd98466f5c0386d8e17ae86cf0d2f21f62a604515c
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/R7:vj+jsMQMOtEvwDpj5HZYTjipvF24GI
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2