28de4bed76826556e38c811f7c239a3bb955fb4d7e407153243a11317b7ae042 | Triage

Sharing

General

Target

2024-09-19_6e32ceb3ca9b7ca0666f034c9c8bf066_cryptolocker
Size

48KB
Sample

240919-f7avzashna
MD5

6e32ceb3ca9b7ca0666f034c9c8bf066
SHA1

c119c03a57b45f56b77a20151d12907d2143681e
SHA256

28de4bed76826556e38c811f7c239a3bb955fb4d7e407153243a11317b7ae042
SHA512

2b3c3a65ea4ecf54ce75cb9a6b0d9e973c8148b6913e3a89c2100dfbb1285894280c59a909905fccd9151a259b4c9b6dd4eab178d820827383df133ec8398956
SSDEEP

768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPcwH:P6QFElP6k+MRQMOtEvwDpjBQpVXQH

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_6e32ceb3ca9b7ca0666f034c9c8bf066_cryptolocker
- Size
  
  48KB
- MD5
  
  6e32ceb3ca9b7ca0666f034c9c8bf066
- SHA1
  
  c119c03a57b45f56b77a20151d12907d2143681e
- SHA256
  
  28de4bed76826556e38c811f7c239a3bb955fb4d7e407153243a11317b7ae042
- SHA512
  
  2b3c3a65ea4ecf54ce75cb9a6b0d9e973c8148b6913e3a89c2100dfbb1285894280c59a909905fccd9151a259b4c9b6dd4eab178d820827383df133ec8398956
- SSDEEP
  
  768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPcwH:P6QFElP6k+MRQMOtEvwDpjBQpVXQH
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2