a6e54045139acc836a53c749f4e63b8a0f75e05ce8829327b6169f39100b201b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-18_c61088ed795aca3a2dd644035e5e296d_cryptolocker
Size

53KB
Sample

240918-ydw58azcpb
MD5

c61088ed795aca3a2dd644035e5e296d
SHA1

d89cdd67c1147295f62c3c3b284b9c6ffcdf9c6a
SHA256

a6e54045139acc836a53c749f4e63b8a0f75e05ce8829327b6169f39100b201b
SHA512

aa39f5cec8723271ddf6bbef5797774936e62261034efb63baa2bade743e500449a633e73322ce072428e38b308cf735eaa379a18fd1651af8353b1a19edae7d
SSDEEP

384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlIDtW41:XS5nQJ24LR1bytOOtEvwDpjNbjf1

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-18_c61088ed795aca3a2dd644035e5e296d_cryptolocker
- Size
  
  53KB
- MD5
  
  c61088ed795aca3a2dd644035e5e296d
- SHA1
  
  d89cdd67c1147295f62c3c3b284b9c6ffcdf9c6a
- SHA256
  
  a6e54045139acc836a53c749f4e63b8a0f75e05ce8829327b6169f39100b201b
- SHA512
  
  aa39f5cec8723271ddf6bbef5797774936e62261034efb63baa2bade743e500449a633e73322ce072428e38b308cf735eaa379a18fd1651af8353b1a19edae7d
- SSDEEP
  
  384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlIDtW41:XS5nQJ24LR1bytOOtEvwDpjNbjf1
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2