c1b7b49c2bb0b8f6f8777026de4895b7724da450f598b00bea50f9c83392872a | Triage

Sharing

General

Target

2024-09-19_d49e15409325a3acf38a1c5da6d0c612_cryptolocker
Size

62KB
Sample

240919-d8yx3sygqh
MD5

d49e15409325a3acf38a1c5da6d0c612
SHA1

348ad2e54fb2973e6c5d9693a2805635496a92f2
SHA256

c1b7b49c2bb0b8f6f8777026de4895b7724da450f598b00bea50f9c83392872a
SHA512

31c440fa02229aeacb4b3e02f1bf4ca6fe2a420b065f0eb95d5603fec5b196a90e583175fdfa06c14818eca6eb247f2c4bb7e9f2706631818761cf9958130d25
SSDEEP

1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgL:DW60sllyWOtEvwDpjwF82

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_d49e15409325a3acf38a1c5da6d0c612_cryptolocker
- Size
  
  62KB
- MD5
  
  d49e15409325a3acf38a1c5da6d0c612
- SHA1
  
  348ad2e54fb2973e6c5d9693a2805635496a92f2
- SHA256
  
  c1b7b49c2bb0b8f6f8777026de4895b7724da450f598b00bea50f9c83392872a
- SHA512
  
  31c440fa02229aeacb4b3e02f1bf4ca6fe2a420b065f0eb95d5603fec5b196a90e583175fdfa06c14818eca6eb247f2c4bb7e9f2706631818761cf9958130d25
- SSDEEP
  
  1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgL:DW60sllyWOtEvwDpjwF82
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2