e6db7649af60ce690cce920a979ceb7d00f0e968dfd4d7981403256abf54bef0 | Triage

Sharing

General

Target

2024-09-21_6135d5666a64936123f9bc979d7e6cdf_cryptolocker
Size

50KB
Sample

240921-d3tfeatapq
MD5

6135d5666a64936123f9bc979d7e6cdf
SHA1

4a77cde98f5eb0cd2bcb971ef935e6ac06760d5f
SHA256

e6db7649af60ce690cce920a979ceb7d00f0e968dfd4d7981403256abf54bef0
SHA512

e97a851d85588723b5c901303c72423cec94ca957694548b64877c3286955fd24a0f6d51bc170742cb22cc88f07c6f518f052ef691ae2ba8b23cacdd0ae30a5f
SSDEEP

384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/74zpzw:XS5nQJ24LR1bytOOtEvwDpjNbP/0Gehe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-21_6135d5666a64936123f9bc979d7e6cdf_cryptolocker
- Size
  
  50KB
- MD5
  
  6135d5666a64936123f9bc979d7e6cdf
- SHA1
  
  4a77cde98f5eb0cd2bcb971ef935e6ac06760d5f
- SHA256
  
  e6db7649af60ce690cce920a979ceb7d00f0e968dfd4d7981403256abf54bef0
- SHA512
  
  e97a851d85588723b5c901303c72423cec94ca957694548b64877c3286955fd24a0f6d51bc170742cb22cc88f07c6f518f052ef691ae2ba8b23cacdd0ae30a5f
- SSDEEP
  
  384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/74zpzw:XS5nQJ24LR1bytOOtEvwDpjNbP/0Gehe
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2