b43da4fc448fd1fd187495d61ee0c31128f4a166cb487fdf183943df45a16823 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-19_33dd889962a8f08a84555d7052c45fb8_cryptolocker
Size

23KB
Sample

240919-h8jwdaxbkh
MD5

33dd889962a8f08a84555d7052c45fb8
SHA1

cc3a478d93f7b3d9e7bfc0111761a4127453bd71
SHA256

b43da4fc448fd1fd187495d61ee0c31128f4a166cb487fdf183943df45a16823
SHA512

c68a1350965d679368f30ad396e0ed443855e5a9c7f9836203f46d4d7a3d668690520f5f041337e5324207d0a1587efc7590eef86adcbda88aae1ba09d84586e
SSDEEP

384:QBOkkLPcM4JIM39ZR8Z87XHjeKtFDcRYpTtOOtEvwDpjqIGRY:QB19M4JIhZMHSKtBcROtOOtEvwDpjD

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_33dd889962a8f08a84555d7052c45fb8_cryptolocker
- Size
  
  23KB
- MD5
  
  33dd889962a8f08a84555d7052c45fb8
- SHA1
  
  cc3a478d93f7b3d9e7bfc0111761a4127453bd71
- SHA256
  
  b43da4fc448fd1fd187495d61ee0c31128f4a166cb487fdf183943df45a16823
- SHA512
  
  c68a1350965d679368f30ad396e0ed443855e5a9c7f9836203f46d4d7a3d668690520f5f041337e5324207d0a1587efc7590eef86adcbda88aae1ba09d84586e
- SSDEEP
  
  384:QBOkkLPcM4JIM39ZR8Z87XHjeKtFDcRYpTtOOtEvwDpjqIGRY:QB19M4JIhZMHSKtBcROtOOtEvwDpjD
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2