85e0b36166fae170d991a8ccc8728b709b4a4d9f82427c3f333f93b0e8d407b3 | Triage

Sharing

General

Target

2024-09-19_52c4dba9754ada7f8f5e33a5fb58ec33_cryptolocker
Size

41KB
Sample

240919-f6cyyashjh
MD5

52c4dba9754ada7f8f5e33a5fb58ec33
SHA1

da9d8b467b7d2622c7d66b05f68c04b2fa1ef37d
SHA256

85e0b36166fae170d991a8ccc8728b709b4a4d9f82427c3f333f93b0e8d407b3
SHA512

dde45a9e940c3dad38b694386f9aa30532142f2b8b812bf9e9d7c2a5215515ca29f7f1ca1b647ca475c5a520bf1e8829a9c965ab0c123bd125f51deccab970b5
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4tKMLGok1:vj+jsMQMOtEvwDpj5Ht1qok1

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_52c4dba9754ada7f8f5e33a5fb58ec33_cryptolocker
- Size
  
  41KB
- MD5
  
  52c4dba9754ada7f8f5e33a5fb58ec33
- SHA1
  
  da9d8b467b7d2622c7d66b05f68c04b2fa1ef37d
- SHA256
  
  85e0b36166fae170d991a8ccc8728b709b4a4d9f82427c3f333f93b0e8d407b3
- SHA512
  
  dde45a9e940c3dad38b694386f9aa30532142f2b8b812bf9e9d7c2a5215515ca29f7f1ca1b647ca475c5a520bf1e8829a9c965ab0c123bd125f51deccab970b5
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4tKMLGok1:vj+jsMQMOtEvwDpj5Ht1qok1
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2