4142889932f6fda484eebdd57bd93e890b64853e0c3b633fd40b0b1b3494f498 | Triage

Sharing

General

Target

2024-09-25_9da9df65b01e1a93764f9f161fed00db_cryptolocker
Size

33KB
Sample

240925-cxejmazbrj
MD5

9da9df65b01e1a93764f9f161fed00db
SHA1

f853a5615871009e7f8b519c1e6a84c043b26a27
SHA256

4142889932f6fda484eebdd57bd93e890b64853e0c3b633fd40b0b1b3494f498
SHA512

a1df192e62a725fa02d9ac110d77ecbb3738e02b68ad9e5d489148fb89169fc5368db15b7a8b02d7914c0c1c33bbf802709333eaec253ee42d1f1606f5a2457b
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2BodcAOjbQ369:btB9g/WItCSsAGjX7r3BGubb

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-25_9da9df65b01e1a93764f9f161fed00db_cryptolocker
- Size
  
  33KB
- MD5
  
  9da9df65b01e1a93764f9f161fed00db
- SHA1
  
  f853a5615871009e7f8b519c1e6a84c043b26a27
- SHA256
  
  4142889932f6fda484eebdd57bd93e890b64853e0c3b633fd40b0b1b3494f498
- SHA512
  
  a1df192e62a725fa02d9ac110d77ecbb3738e02b68ad9e5d489148fb89169fc5368db15b7a8b02d7914c0c1c33bbf802709333eaec253ee42d1f1606f5a2457b
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2BodcAOjbQ369:btB9g/WItCSsAGjX7r3BGubb
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2