aff81da0202917b517ce82fb06cb61bb2a9a82386d4656f655e5011f9124900b | Triage

Sharing

General

Target

2024-09-19_51c20cf24e5aea3f8334e15cac1d079c_cryptolocker
Size

72KB
Sample

240919-d1j4ysyflk
MD5

51c20cf24e5aea3f8334e15cac1d079c
SHA1

62645dd8a312516433663725c998d24cefc74fcd
SHA256

aff81da0202917b517ce82fb06cb61bb2a9a82386d4656f655e5011f9124900b
SHA512

bb8656d73a385a990bf4ea8af5fd344f3439abbb6e3ddfa81b901c67eb125359bdb244ab768d821075d6b02748942a5ff93a8e59584ff6ab0f50db568d6bb87d
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Rp:vj+jsMQMOtEvwDpj5HZYTjipvF24h

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_51c20cf24e5aea3f8334e15cac1d079c_cryptolocker
- Size
  
  72KB
- MD5
  
  51c20cf24e5aea3f8334e15cac1d079c
- SHA1
  
  62645dd8a312516433663725c998d24cefc74fcd
- SHA256
  
  aff81da0202917b517ce82fb06cb61bb2a9a82386d4656f655e5011f9124900b
- SHA512
  
  bb8656d73a385a990bf4ea8af5fd344f3439abbb6e3ddfa81b901c67eb125359bdb244ab768d821075d6b02748942a5ff93a8e59584ff6ab0f50db568d6bb87d
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Rp:vj+jsMQMOtEvwDpj5HZYTjipvF24h
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2