d79d940fe7db6d5c80496d80fb4855397d51785089834c66a329bba7bf699a82 | Triage

Sharing

General

Target

2024-08-26_58feb25b7e7ed656d87aef79c2b0d4c8_cryptolocker
Size

46KB
Sample

240826-hgdv2s1hqp
MD5

58feb25b7e7ed656d87aef79c2b0d4c8
SHA1

dbff6245b5bafcace1ae33d324407288e8a4e81c
SHA256

d79d940fe7db6d5c80496d80fb4855397d51785089834c66a329bba7bf699a82
SHA512

8bc4cd8bc9784bbcc33850297bd1cc3a1f02bf3f8ccda65a1dd3d0dbb66c43c0e63dc7cb8176824346e15676a8d32d589691d0949a7cc891ad802e35db91ecc4
SSDEEP

384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlIGe/1w:XS5nQJ24LR1bytOOtEvwDpjNbme/e

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-26_58feb25b7e7ed656d87aef79c2b0d4c8_cryptolocker
- Size
  
  46KB
- MD5
  
  58feb25b7e7ed656d87aef79c2b0d4c8
- SHA1
  
  dbff6245b5bafcace1ae33d324407288e8a4e81c
- SHA256
  
  d79d940fe7db6d5c80496d80fb4855397d51785089834c66a329bba7bf699a82
- SHA512
  
  8bc4cd8bc9784bbcc33850297bd1cc3a1f02bf3f8ccda65a1dd3d0dbb66c43c0e63dc7cb8176824346e15676a8d32d589691d0949a7cc891ad802e35db91ecc4
- SSDEEP
  
  384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlIGe/1w:XS5nQJ24LR1bytOOtEvwDpjNbme/e
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2