0a5a401aed5a93404ab4595913d6c2ae9b214fbbbeba7ea9d61e8d609c1791cd | Triage

Sharing

General

Target

2024-09-14_2d91a31f49b87c11f17c9191c7881719_cryptolocker
Size

73KB
Sample

240914-jb3snatang
MD5

2d91a31f49b87c11f17c9191c7881719
SHA1

ec6aca57bcc24546ce4a13c6d890fb664fd60bb7
SHA256

0a5a401aed5a93404ab4595913d6c2ae9b214fbbbeba7ea9d61e8d609c1791cd
SHA512

c664a1c68f8f99200a1c519da6a26bb078bde3c9d04f85bf66e1fbbd335a76a7b2a2eb09d2431154caf602f1f12bea79966eda4cee15135ace6a953542647966
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Ra:vj+jsMQMOtEvwDpj5HZYTjipvF24f6

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-14_2d91a31f49b87c11f17c9191c7881719_cryptolocker
- Size
  
  73KB
- MD5
  
  2d91a31f49b87c11f17c9191c7881719
- SHA1
  
  ec6aca57bcc24546ce4a13c6d890fb664fd60bb7
- SHA256
  
  0a5a401aed5a93404ab4595913d6c2ae9b214fbbbeba7ea9d61e8d609c1791cd
- SHA512
  
  c664a1c68f8f99200a1c519da6a26bb078bde3c9d04f85bf66e1fbbd335a76a7b2a2eb09d2431154caf602f1f12bea79966eda4cee15135ace6a953542647966
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Ra:vj+jsMQMOtEvwDpj5HZYTjipvF24f6
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2