c02299ff4e4d30b089ab15974c823c300655b92109ff0dbc11fd4ae1ffd479a5 | Triage

Sharing

General

Target

2024-09-25_26999eae0afbf7a4c8d21158b1ee85ef_cryptolocker
Size

30KB
Sample

240925-vy5rba1aqa
MD5

26999eae0afbf7a4c8d21158b1ee85ef
SHA1

14a4b7a6e67e03bf10fe4eedcdd5dde2b8d0b236
SHA256

c02299ff4e4d30b089ab15974c823c300655b92109ff0dbc11fd4ae1ffd479a5
SHA512

c7ce967571e96b604578155a12d7afd36d2ee9f96dadb6d1d7168ed716d1106050dbbc92242d6d2df91577e6c83ea80e96b10c37c36a51644954bc0e9f90187e
SSDEEP

384:v0VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26Rsn1rCcOQtOOtEvwDpjqIGRS/Vb9hS:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4y

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-25_26999eae0afbf7a4c8d21158b1ee85ef_cryptolocker
- Size
  
  30KB
- MD5
  
  26999eae0afbf7a4c8d21158b1ee85ef
- SHA1
  
  14a4b7a6e67e03bf10fe4eedcdd5dde2b8d0b236
- SHA256
  
  c02299ff4e4d30b089ab15974c823c300655b92109ff0dbc11fd4ae1ffd479a5
- SHA512
  
  c7ce967571e96b604578155a12d7afd36d2ee9f96dadb6d1d7168ed716d1106050dbbc92242d6d2df91577e6c83ea80e96b10c37c36a51644954bc0e9f90187e
- SSDEEP
  
  384:v0VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26Rsn1rCcOQtOOtEvwDpjqIGRS/Vb9hS:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4y
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2