576be0781a0a537db2fe3d6625352fed72ef4827d62f5e06ef6eb0c8dd678a68 | Triage

Sharing

General

Target

2024-09-12_ffeccd89442431cf7096cc1e8d7bd0b0_cryptolocker
Size

38KB
Sample

240912-egz7hazerp
MD5

ffeccd89442431cf7096cc1e8d7bd0b0
SHA1

bde4ada084233faffe32b449253693e0558a40c4
SHA256

576be0781a0a537db2fe3d6625352fed72ef4827d62f5e06ef6eb0c8dd678a68
SHA512

40d45f93fbfe047295038a584b8f746bb0fc4bfac7528a9cf2f01b442bfe0fc7cb64a12ce9a5785283d4e40d0af7f672c483c81bc42259c44272c744397dd471
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDZFmB:bAvJCF+RQgJeab4sbu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-12_ffeccd89442431cf7096cc1e8d7bd0b0_cryptolocker
- Size
  
  38KB
- MD5
  
  ffeccd89442431cf7096cc1e8d7bd0b0
- SHA1
  
  bde4ada084233faffe32b449253693e0558a40c4
- SHA256
  
  576be0781a0a537db2fe3d6625352fed72ef4827d62f5e06ef6eb0c8dd678a68
- SHA512
  
  40d45f93fbfe047295038a584b8f746bb0fc4bfac7528a9cf2f01b442bfe0fc7cb64a12ce9a5785283d4e40d0af7f672c483c81bc42259c44272c744397dd471
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDZFmB:bAvJCF+RQgJeab4sbu
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2