159a46eaaa24c97d158f5accffef5fcd323eecf877f8799b836b411148ae7bbd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-05_23769ef40e1a3e0a680efa275aad9878_cryptolocker
Size

44KB
Sample

240905-m5jhnazeqa
MD5

23769ef40e1a3e0a680efa275aad9878
SHA1

885827c4c1686f3d99e9576142ba4510cb080951
SHA256

159a46eaaa24c97d158f5accffef5fcd323eecf877f8799b836b411148ae7bbd
SHA512

a8ff675a8d5867c1ea06ac07bef6c31bb1bec5d465eed38d76cb5c74ae7e83b24c9cadd64b60207bde55beaac481ad94c44a1e881719435c42bdfe2b8e3a4059
SSDEEP

768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnY1n93:m5nkFNMOtEvwDpjG8hgpY193

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-05_23769ef40e1a3e0a680efa275aad9878_cryptolocker
- Size
  
  44KB
- MD5
  
  23769ef40e1a3e0a680efa275aad9878
- SHA1
  
  885827c4c1686f3d99e9576142ba4510cb080951
- SHA256
  
  159a46eaaa24c97d158f5accffef5fcd323eecf877f8799b836b411148ae7bbd
- SHA512
  
  a8ff675a8d5867c1ea06ac07bef6c31bb1bec5d465eed38d76cb5c74ae7e83b24c9cadd64b60207bde55beaac481ad94c44a1e881719435c42bdfe2b8e3a4059
- SSDEEP
  
  768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnY1n93:m5nkFNMOtEvwDpjG8hgpY193
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2