d93750b67cf2cf47934a3df3a04dac88f3f81c20ea004a83e2ff18f3b2878c57 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-23_ea862a7d70b02a7c6284f36f442ce4b9_cryptolocker
Size

46KB
Sample

240823-kntk7axbjp
MD5

ea862a7d70b02a7c6284f36f442ce4b9
SHA1

f9a9e22f0149f36c382c7ebb1012858e85789762
SHA256

d93750b67cf2cf47934a3df3a04dac88f3f81c20ea004a83e2ff18f3b2878c57
SHA512

cf6834de5c570989a7af9ef422487fd9a0ff33f62d3e6c70ab0b1eb74f2dd762ad5187f181518017391b8e40e7d640b3bd8b1bf161f727b8a77c3a13b26b3b22
SSDEEP

384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUknqN:bm74zYcgT/EkM0ryfjdnqN

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-23_ea862a7d70b02a7c6284f36f442ce4b9_cryptolocker
- Size
  
  46KB
- MD5
  
  ea862a7d70b02a7c6284f36f442ce4b9
- SHA1
  
  f9a9e22f0149f36c382c7ebb1012858e85789762
- SHA256
  
  d93750b67cf2cf47934a3df3a04dac88f3f81c20ea004a83e2ff18f3b2878c57
- SHA512
  
  cf6834de5c570989a7af9ef422487fd9a0ff33f62d3e6c70ab0b1eb74f2dd762ad5187f181518017391b8e40e7d640b3bd8b1bf161f727b8a77c3a13b26b3b22
- SSDEEP
  
  384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUknqN:bm74zYcgT/EkM0ryfjdnqN
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2