de289789c6d96fded6ba12efa8513615e12fefa371cd38a07f6cbae370d08edd | Triage

Sharing

General

Target

2024-09-25_41df8fa3d1586ac37283237baae2fc16_cryptolocker
Size

37KB
Sample

240925-rp1t8azeqj
MD5

41df8fa3d1586ac37283237baae2fc16
SHA1

d96aec0631c97d79b25be70b448975c13b1c9f71
SHA256

de289789c6d96fded6ba12efa8513615e12fefa371cd38a07f6cbae370d08edd
SHA512

2a1fcd8abb0543e559a57ffe8453a8ca21831c5d4fe0653169b9603136a8b430f20f96fcaf062dfa59f5f3eb40eeca96cc78a2e62055d67ecd623ddeb7aa9cfd
SSDEEP

768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5f:m5nkFNMOtEvwDpjG8hh3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-25_41df8fa3d1586ac37283237baae2fc16_cryptolocker
- Size
  
  37KB
- MD5
  
  41df8fa3d1586ac37283237baae2fc16
- SHA1
  
  d96aec0631c97d79b25be70b448975c13b1c9f71
- SHA256
  
  de289789c6d96fded6ba12efa8513615e12fefa371cd38a07f6cbae370d08edd
- SHA512
  
  2a1fcd8abb0543e559a57ffe8453a8ca21831c5d4fe0653169b9603136a8b430f20f96fcaf062dfa59f5f3eb40eeca96cc78a2e62055d67ecd623ddeb7aa9cfd
- SSDEEP
  
  768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5f:m5nkFNMOtEvwDpjG8hh3
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2