be1049af5e2b53fc0cf979e30f1e77f9a9ee1872b3635aae755bc9566bd9169e | Triage

Sharing

General

Target

2024-08-17_732d70cd72b216a3dd4d3e586ca2cf48_cryptolocker
Size

73KB
Sample

240817-rq3p7stamr
MD5

732d70cd72b216a3dd4d3e586ca2cf48
SHA1

cb387d8b631587b084551d776b5c35eb7615cfd6
SHA256

be1049af5e2b53fc0cf979e30f1e77f9a9ee1872b3635aae755bc9566bd9169e
SHA512

4e97e2d9f5a0873dd6e2db5ef90c4474a7d0c92ade85be81300643d09f45b142cfe8579f9fb24cf060d87d4f06714d916a984a9281cee19afae39dd313f551ee
SSDEEP

1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKUNZOQ2r:DW60sllyWOtEvwDpjwF85u

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-17_732d70cd72b216a3dd4d3e586ca2cf48_cryptolocker
- Size
  
  73KB
- MD5
  
  732d70cd72b216a3dd4d3e586ca2cf48
- SHA1
  
  cb387d8b631587b084551d776b5c35eb7615cfd6
- SHA256
  
  be1049af5e2b53fc0cf979e30f1e77f9a9ee1872b3635aae755bc9566bd9169e
- SHA512
  
  4e97e2d9f5a0873dd6e2db5ef90c4474a7d0c92ade85be81300643d09f45b142cfe8579f9fb24cf060d87d4f06714d916a984a9281cee19afae39dd313f551ee
- SSDEEP
  
  1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKUNZOQ2r:DW60sllyWOtEvwDpjwF85u
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2