a2e8ebfe7f31df30c6c8827762c4e0309ce5e235ef4c3c4645ccfffe50275e16 | Triage

Sharing

General

Target

2024-09-05_4771f7ceb61f6b7a486b8cd9cd4d8efa_cryptolocker
Size

35KB
Sample

240905-pm82ps1gkh
MD5

4771f7ceb61f6b7a486b8cd9cd4d8efa
SHA1

ec70abbc9f538dd18344cc782f716d48d76040bf
SHA256

a2e8ebfe7f31df30c6c8827762c4e0309ce5e235ef4c3c4645ccfffe50275e16
SHA512

e7724112c3024554d3d2f67a301c3b7c815e99de4b66c576546101bc13319d2e1bfdef210db5c2f715b859f4a210cb22331df4738383ff19de2025bcc711c89a
SSDEEP

384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGXuadQW:bG74zYcgT/Ekd0ryfjHW

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-05_4771f7ceb61f6b7a486b8cd9cd4d8efa_cryptolocker
- Size
  
  35KB
- MD5
  
  4771f7ceb61f6b7a486b8cd9cd4d8efa
- SHA1
  
  ec70abbc9f538dd18344cc782f716d48d76040bf
- SHA256
  
  a2e8ebfe7f31df30c6c8827762c4e0309ce5e235ef4c3c4645ccfffe50275e16
- SHA512
  
  e7724112c3024554d3d2f67a301c3b7c815e99de4b66c576546101bc13319d2e1bfdef210db5c2f715b859f4a210cb22331df4738383ff19de2025bcc711c89a
- SSDEEP
  
  384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGXuadQW:bG74zYcgT/Ekd0ryfjHW
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2