afd738ae7c725341010d180c9050d6a579f56d636066818d5a0dd020c64fbc3a | Triage

Sharing

General

Target

2024-09-07_3dfbf3529cff48a54c92aab8b3abb227_cryptolocker
Size

55KB
Sample

240907-axy7xswapr
MD5

3dfbf3529cff48a54c92aab8b3abb227
SHA1

420c2dd105df441d6041798ff3a60b92be51650e
SHA256

afd738ae7c725341010d180c9050d6a579f56d636066818d5a0dd020c64fbc3a
SHA512

a3a9f9cbb9de6b2aaf39fadfa413876140edc8bd97fdf93b4d8cdd2fc076811c9bb11aa05b85bcf580ec9c341c159e7a8d98c35bb511eb46285bfd1c4bbc030a
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4hdCW1nw71TkhsiPn1YFvP5:vj+jsMQMOtEvwDpj5HH1nw73KOF5

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-07_3dfbf3529cff48a54c92aab8b3abb227_cryptolocker
- Size
  
  55KB
- MD5
  
  3dfbf3529cff48a54c92aab8b3abb227
- SHA1
  
  420c2dd105df441d6041798ff3a60b92be51650e
- SHA256
  
  afd738ae7c725341010d180c9050d6a579f56d636066818d5a0dd020c64fbc3a
- SHA512
  
  a3a9f9cbb9de6b2aaf39fadfa413876140edc8bd97fdf93b4d8cdd2fc076811c9bb11aa05b85bcf580ec9c341c159e7a8d98c35bb511eb46285bfd1c4bbc030a
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4hdCW1nw71TkhsiPn1YFvP5:vj+jsMQMOtEvwDpj5HH1nw73KOF5
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2