0442607674153523e0b893d2e898d2773752058ccdb335b12b652bba4a55267d | Triage

Sharing

General

Target

2024-09-12_65d5f717ef00f337604d6a0bc71d6a58_cryptolocker
Size

45KB
Sample

240912-qn2jpawhmn
MD5

65d5f717ef00f337604d6a0bc71d6a58
SHA1

6c076552bfaaeeccc100c079b1bbc6d4abe93de2
SHA256

0442607674153523e0b893d2e898d2773752058ccdb335b12b652bba4a55267d
SHA512

4b45c14d1995390d61b8f6bb0fcf7506e7d8fa4b12c00d6cc85ac6a9bd05c81a6cf9c3187fd6b4d5e065dd80439023859e25151ee2c76e5967e2e7b632cf9787
SSDEEP

384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUadQC8sV:bm74zYcgT/EkM0ryfjPdQZsV

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-12_65d5f717ef00f337604d6a0bc71d6a58_cryptolocker
- Size
  
  45KB
- MD5
  
  65d5f717ef00f337604d6a0bc71d6a58
- SHA1
  
  6c076552bfaaeeccc100c079b1bbc6d4abe93de2
- SHA256
  
  0442607674153523e0b893d2e898d2773752058ccdb335b12b652bba4a55267d
- SHA512
  
  4b45c14d1995390d61b8f6bb0fcf7506e7d8fa4b12c00d6cc85ac6a9bd05c81a6cf9c3187fd6b4d5e065dd80439023859e25151ee2c76e5967e2e7b632cf9787
- SSDEEP
  
  384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUadQC8sV:bm74zYcgT/EkM0ryfjPdQZsV
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2