5a687afeb7ed7e98e058bc515874b8f2ccd65da0b67b177d5b2e8750cf436623 | Triage

Sharing

General

Target

2024-09-19_1e8eeda09aa668cc1bfc39e18776cedb_cryptolocker
Size

23KB
Sample

240919-g5kg3avdjd
MD5

1e8eeda09aa668cc1bfc39e18776cedb
SHA1

1d0d57f0abb8ad0ba3aac701b2a570c39b5a9b35
SHA256

5a687afeb7ed7e98e058bc515874b8f2ccd65da0b67b177d5b2e8750cf436623
SHA512

cfe79bbe1c1bc277240c45ff6e06ffa19cfe078f6a33959ab855afe89eb35b6a5b4609923472cfbb32862c2f9d44974bc820c9e5ca0d9e895aac3a5dfd8b6652
SSDEEP

384:QBOkkLPcM4JIM39ZR8Z87XHjeKtFDcRYpTtOOtEvwDpjqIGRc:QB19M4JIhZMHSKtBcROtOOtEvwDpjf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_1e8eeda09aa668cc1bfc39e18776cedb_cryptolocker
- Size
  
  23KB
- MD5
  
  1e8eeda09aa668cc1bfc39e18776cedb
- SHA1
  
  1d0d57f0abb8ad0ba3aac701b2a570c39b5a9b35
- SHA256
  
  5a687afeb7ed7e98e058bc515874b8f2ccd65da0b67b177d5b2e8750cf436623
- SHA512
  
  cfe79bbe1c1bc277240c45ff6e06ffa19cfe078f6a33959ab855afe89eb35b6a5b4609923472cfbb32862c2f9d44974bc820c9e5ca0d9e895aac3a5dfd8b6652
- SSDEEP
  
  384:QBOkkLPcM4JIM39ZR8Z87XHjeKtFDcRYpTtOOtEvwDpjqIGRc:QB19M4JIhZMHSKtBcROtOOtEvwDpjf
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2