63241a0733aa41c7804fdad349240d4eb07cd402e8ed0f9fb35ae596671a68cc | Triage

Sharing

General

Target

2024-09-28_fd6c8395f522d4bf16080df0c95d5514_cryptolocker
Size

37KB
Sample

240928-fkynhs1anh
MD5

fd6c8395f522d4bf16080df0c95d5514
SHA1

c00cf5612f74d6fe17b3a74e9ae0b8399004ead3
SHA256

63241a0733aa41c7804fdad349240d4eb07cd402e8ed0f9fb35ae596671a68cc
SHA512

d23b9d7cd1c6216c4a7a89cfb68a7e113980d859aaae74521859821c02613e23876c97c12177cbcbf577a1b51e2e304837ee58080968419c7cc87cef09555a11
SSDEEP

768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlU7hl:b/pYayGig5HjS3ull

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-28_fd6c8395f522d4bf16080df0c95d5514_cryptolocker
- Size
  
  37KB
- MD5
  
  fd6c8395f522d4bf16080df0c95d5514
- SHA1
  
  c00cf5612f74d6fe17b3a74e9ae0b8399004ead3
- SHA256
  
  63241a0733aa41c7804fdad349240d4eb07cd402e8ed0f9fb35ae596671a68cc
- SHA512
  
  d23b9d7cd1c6216c4a7a89cfb68a7e113980d859aaae74521859821c02613e23876c97c12177cbcbf577a1b51e2e304837ee58080968419c7cc87cef09555a11
- SSDEEP
  
  768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlU7hl:b/pYayGig5HjS3ull
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2