47c0f67d1f8212b14be8fe7aabd82706df68ab5dc7dce659c2d9c1b5423b2c22 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-15_c13ad1929bede3e8f5d431d2a5949aa8_cryptolocker
Size

49KB
Sample

240915-db5pcsscle
MD5

c13ad1929bede3e8f5d431d2a5949aa8
SHA1

4e50936785408a3cad483ffb501555933bb50ba2
SHA256

47c0f67d1f8212b14be8fe7aabd82706df68ab5dc7dce659c2d9c1b5423b2c22
SHA512

a1b6c7ba1e9d2c58acf00cdcfe431b69df62bac6f0d2d5d226cac0d94d9e65ba8db2280bb3f20a181794a7a5bc2a8a01e64784a427f892f37933bddb0e566719
SSDEEP

768:P6LsoVEeegiZPvEhHSP+gp/QtOOtEvwDpjBBMLZdzuqpXsiE8Wq/DpkcAYo:P6Q0ElP6G+gJQMOtEvwDpjB8WMlf/o

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-15_c13ad1929bede3e8f5d431d2a5949aa8_cryptolocker
- Size
  
  49KB
- MD5
  
  c13ad1929bede3e8f5d431d2a5949aa8
- SHA1
  
  4e50936785408a3cad483ffb501555933bb50ba2
- SHA256
  
  47c0f67d1f8212b14be8fe7aabd82706df68ab5dc7dce659c2d9c1b5423b2c22
- SHA512
  
  a1b6c7ba1e9d2c58acf00cdcfe431b69df62bac6f0d2d5d226cac0d94d9e65ba8db2280bb3f20a181794a7a5bc2a8a01e64784a427f892f37933bddb0e566719
- SSDEEP
  
  768:P6LsoVEeegiZPvEhHSP+gp/QtOOtEvwDpjBBMLZdzuqpXsiE8Wq/DpkcAYo:P6Q0ElP6G+gJQMOtEvwDpjB8WMlf/o
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2