11e8672f774e577eac38bb8ad75e1aef42d5409912d7d0c54a297eef79703fae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-24_f3486a947ca89e7e912916b7bb904594_cryptolocker
Size

57KB
Sample

240824-qp3hdatgjm
MD5

f3486a947ca89e7e912916b7bb904594
SHA1

aaba940d3a3264f7da56159d243897a34169e0d2
SHA256

11e8672f774e577eac38bb8ad75e1aef42d5409912d7d0c54a297eef79703fae
SHA512

d23700b6719778c6aacdd246dc27b7764bdc92037ddc255e08fa14db730c2d9fd1b724d83674b3c052e5255effe35aeb457fd4ee4eb9291910a7c8a703766989
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMr:TCjsIOtEvwDpj5HE/OUHnSMV

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-24_f3486a947ca89e7e912916b7bb904594_cryptolocker
- Size
  
  57KB
- MD5
  
  f3486a947ca89e7e912916b7bb904594
- SHA1
  
  aaba940d3a3264f7da56159d243897a34169e0d2
- SHA256
  
  11e8672f774e577eac38bb8ad75e1aef42d5409912d7d0c54a297eef79703fae
- SHA512
  
  d23700b6719778c6aacdd246dc27b7764bdc92037ddc255e08fa14db730c2d9fd1b724d83674b3c052e5255effe35aeb457fd4ee4eb9291910a7c8a703766989
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMr:TCjsIOtEvwDpj5HE/OUHnSMV
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2