c4d546e1b75ffcb27cccefc23c9516a61fbdbd1868a393fe0b30a8527502d305 | Triage

Sharing

General

Target

2024-09-07_ae72c6be22507dd939284ec166d643ab_cryptolocker
Size

86KB
Sample

240907-hkbvvszhpb
MD5

ae72c6be22507dd939284ec166d643ab
SHA1

7652c2391e4c1e828afcf73b46adef7921bba04c
SHA256

c4d546e1b75ffcb27cccefc23c9516a61fbdbd1868a393fe0b30a8527502d305
SHA512

a2572a2661a16be7b3a67efc838d0e89b8a984812d10c4f1b4a0ff56fbfa689b4dd718b9fb489f633619419f759c5627214dcdfd9bdef2bc59f77d803f5c6532
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMrC+hmy:TCjsIOtEvwDpj5HE/OUHnSM2y

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-07_ae72c6be22507dd939284ec166d643ab_cryptolocker
- Size
  
  86KB
- MD5
  
  ae72c6be22507dd939284ec166d643ab
- SHA1
  
  7652c2391e4c1e828afcf73b46adef7921bba04c
- SHA256
  
  c4d546e1b75ffcb27cccefc23c9516a61fbdbd1868a393fe0b30a8527502d305
- SHA512
  
  a2572a2661a16be7b3a67efc838d0e89b8a984812d10c4f1b4a0ff56fbfa689b4dd718b9fb489f633619419f759c5627214dcdfd9bdef2bc59f77d803f5c6532
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMrC+hmy:TCjsIOtEvwDpj5HE/OUHnSM2y
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2