1635b8aeae72f80cc9ab60dd2ef82d2df2661c2da9613c7d9a7d79c8a22b49f1 | Triage

Sharing

General

Target

2024-08-29_b230ae906d55267b9387493f13b0a7b2_cryptolocker
Size

36KB
Sample

240829-j86wksterk
MD5

b230ae906d55267b9387493f13b0a7b2
SHA1

27d9bcaf168a07ba2822253e5cce1e4bbe704f03
SHA256

1635b8aeae72f80cc9ab60dd2ef82d2df2661c2da9613c7d9a7d79c8a22b49f1
SHA512

5917d0bdcb9218c09496eb691d620a0fcfc6a88fb5c2b1c9246620ab00c4c69c2138cd46657a8de09ff3e279b03a73df420ae9f9054021d52879b27e99ee1d1b
SSDEEP

768:b7o/2n1TCraU6GD1a4X0WcO+wMVm+slAMh:bc/y2lkF0+BW

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-29_b230ae906d55267b9387493f13b0a7b2_cryptolocker
- Size
  
  36KB
- MD5
  
  b230ae906d55267b9387493f13b0a7b2
- SHA1
  
  27d9bcaf168a07ba2822253e5cce1e4bbe704f03
- SHA256
  
  1635b8aeae72f80cc9ab60dd2ef82d2df2661c2da9613c7d9a7d79c8a22b49f1
- SHA512
  
  5917d0bdcb9218c09496eb691d620a0fcfc6a88fb5c2b1c9246620ab00c4c69c2138cd46657a8de09ff3e279b03a73df420ae9f9054021d52879b27e99ee1d1b
- SSDEEP
  
  768:b7o/2n1TCraU6GD1a4X0WcO+wMVm+slAMh:bc/y2lkF0+BW
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2