1e9f6f44a5df3aeb1653c1796bd869da811d91a024fbda7ac1a89a8b2295c740 | Triage

Sharing

General

Target

2024-09-19_5a22e59ed3725333d86b8d298e6d642c_cryptolocker
Size

60KB
Sample

240919-f6wq2stblk
MD5

5a22e59ed3725333d86b8d298e6d642c
SHA1

ff700af9b3a6a36e0071b35c016a5b40b227a281
SHA256

1e9f6f44a5df3aeb1653c1796bd869da811d91a024fbda7ac1a89a8b2295c740
SHA512

2a208df2617f36d5ee34e84c9950390f69f07fa0ea80cab8fd34aef4351c30bd2e88e5f7ebdd7b380b451ab80ddf61eae37675497ae5dcb56aeb66dfb23e5ee9
SSDEEP

1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszudnYTjipvF29n:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7F

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_5a22e59ed3725333d86b8d298e6d642c_cryptolocker
- Size
  
  60KB
- MD5
  
  5a22e59ed3725333d86b8d298e6d642c
- SHA1
  
  ff700af9b3a6a36e0071b35c016a5b40b227a281
- SHA256
  
  1e9f6f44a5df3aeb1653c1796bd869da811d91a024fbda7ac1a89a8b2295c740
- SHA512
  
  2a208df2617f36d5ee34e84c9950390f69f07fa0ea80cab8fd34aef4351c30bd2e88e5f7ebdd7b380b451ab80ddf61eae37675497ae5dcb56aeb66dfb23e5ee9
- SSDEEP
  
  1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszudnYTjipvF29n:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7F
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2