938e202d43b2087ade1a0a6d83afbdc26d49a31ae0714761431460d2b1eaaa18 | Triage

Sharing

General

Target

2024-09-14_2ce522ab568e0e1e8a94a2f4945b0c17_cryptolocker
Size

72KB
Sample

240914-kaa7pavbmm
MD5

2ce522ab568e0e1e8a94a2f4945b0c17
SHA1

7b06273dd6bc676ce5e7750d8431481b1156725e
SHA256

938e202d43b2087ade1a0a6d83afbdc26d49a31ae0714761431460d2b1eaaa18
SHA512

43ebe15c285ccb5516e2ac313eb3793d09774f6487e3533a7d52cc01686d8a60e54c68503d1cd9d1bb4dde2db2466ce65c1e2aafff4934d9288424eac5acbd63
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Rd:vj+jsMQMOtEvwDpj5HZYTjipvF241

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-14_2ce522ab568e0e1e8a94a2f4945b0c17_cryptolocker
- Size
  
  72KB
- MD5
  
  2ce522ab568e0e1e8a94a2f4945b0c17
- SHA1
  
  7b06273dd6bc676ce5e7750d8431481b1156725e
- SHA256
  
  938e202d43b2087ade1a0a6d83afbdc26d49a31ae0714761431460d2b1eaaa18
- SHA512
  
  43ebe15c285ccb5516e2ac313eb3793d09774f6487e3533a7d52cc01686d8a60e54c68503d1cd9d1bb4dde2db2466ce65c1e2aafff4934d9288424eac5acbd63
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Rd:vj+jsMQMOtEvwDpj5HZYTjipvF241
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2