371ef5746e0c36d0631148efd7656b77a805e30fcb5421b249c9069bb94f3afa | Triage

Sharing

General

Target

2024-09-19_13af15529a01c9b4cffad7198d12a235_cryptolocker
Size

68KB
Sample

240919-f3kvdashqr
MD5

13af15529a01c9b4cffad7198d12a235
SHA1

19c7cce1473bd2218998d1a1c5457a23e5ac29b4
SHA256

371ef5746e0c36d0631148efd7656b77a805e30fcb5421b249c9069bb94f3afa
SHA512

cf6ef5d622299596ec4c350bcd438778d1a7322483dbd7dc307d70177c96e62c8d721a986bb8225de3d4d651dee7c1f23864d866cc02b9f97a28edf7c16e29d5
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2l9tMPvdfGy7G:TCjsIOtEvwDpj5HE/OUHnSMYV

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_13af15529a01c9b4cffad7198d12a235_cryptolocker
- Size
  
  68KB
- MD5
  
  13af15529a01c9b4cffad7198d12a235
- SHA1
  
  19c7cce1473bd2218998d1a1c5457a23e5ac29b4
- SHA256
  
  371ef5746e0c36d0631148efd7656b77a805e30fcb5421b249c9069bb94f3afa
- SHA512
  
  cf6ef5d622299596ec4c350bcd438778d1a7322483dbd7dc307d70177c96e62c8d721a986bb8225de3d4d651dee7c1f23864d866cc02b9f97a28edf7c16e29d5
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2l9tMPvdfGy7G:TCjsIOtEvwDpj5HE/OUHnSMYV
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2