ee2a21a254490aa22b241fd7818631491b6602f3cde6330b1a91aabc1154d8f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-25_2b92f9043a4454efd48b718383f80bec_cryptolocker
Size

44KB
Sample

240925-y5eegswbpk
MD5

2b92f9043a4454efd48b718383f80bec
SHA1

c6bc7938243b3865db3eb7515745b0bca6d3268a
SHA256

ee2a21a254490aa22b241fd7818631491b6602f3cde6330b1a91aabc1154d8f9
SHA512

fe15fb8e887c6a385acca61593eec22c998bc6390b72cd67a5dccb5ddf5dfc018585582f9ef4b449a4b7196ce3b4496f42fb760f026d149934a6f63025d4f69a
SSDEEP

384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/Bt:XS5nQJ24LR1bytOOtEvwDpjNbP/7

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-25_2b92f9043a4454efd48b718383f80bec_cryptolocker
- Size
  
  44KB
- MD5
  
  2b92f9043a4454efd48b718383f80bec
- SHA1
  
  c6bc7938243b3865db3eb7515745b0bca6d3268a
- SHA256
  
  ee2a21a254490aa22b241fd7818631491b6602f3cde6330b1a91aabc1154d8f9
- SHA512
  
  fe15fb8e887c6a385acca61593eec22c998bc6390b72cd67a5dccb5ddf5dfc018585582f9ef4b449a4b7196ce3b4496f42fb760f026d149934a6f63025d4f69a
- SSDEEP
  
  384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/Bt:XS5nQJ24LR1bytOOtEvwDpjNbP/7
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2