b1e3a22ddb75d88b32985b229f24a2b90a0d395896b89de60cd9e3c7cf406e51 | Triage

Sharing

General

Target

2024-09-12_2641b074a05855da01b96cc857ab2092_cryptolocker
Size

44KB
Sample

240912-cysgwawgpc
MD5

2641b074a05855da01b96cc857ab2092
SHA1

44a47b11c29b49258eb8d016f0bbda285b5c5c42
SHA256

b1e3a22ddb75d88b32985b229f24a2b90a0d395896b89de60cd9e3c7cf406e51
SHA512

8f7b33618fd0f3e7393835b517f7e607939ae9764e3d0b36b25d0cf1362da5ff7e55d06a11c651cfe12cb9dd60c8978c89a69f719ecd6d6f523a043855bd21db
SSDEEP

384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUadQuQ:bm74zYcgT/EkM0ryfjPdQd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-12_2641b074a05855da01b96cc857ab2092_cryptolocker
- Size
  
  44KB
- MD5
  
  2641b074a05855da01b96cc857ab2092
- SHA1
  
  44a47b11c29b49258eb8d016f0bbda285b5c5c42
- SHA256
  
  b1e3a22ddb75d88b32985b229f24a2b90a0d395896b89de60cd9e3c7cf406e51
- SHA512
  
  8f7b33618fd0f3e7393835b517f7e607939ae9764e3d0b36b25d0cf1362da5ff7e55d06a11c651cfe12cb9dd60c8978c89a69f719ecd6d6f523a043855bd21db
- SSDEEP
  
  384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUadQuQ:bm74zYcgT/EkM0ryfjPdQd
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2