34ea79b06469a8f7e0245c21219df4b1f63489ab37c658af9e428a334094dd09 | Triage

Sharing

General

Target

2024-09-28_493dd7ec5ab5e24ed6c0b5e1553fc3bf_cryptolocker
Size

44KB
Sample

240928-plre9swanq
MD5

493dd7ec5ab5e24ed6c0b5e1553fc3bf
SHA1

9fc9f9ce858ed7c7bfa03a8417a134e3c0a7bd6c
SHA256

34ea79b06469a8f7e0245c21219df4b1f63489ab37c658af9e428a334094dd09
SHA512

615836295d17d5cf9388377c30173a03b993516f46667f8e53465cfe40b5def0451284c2b528ba86ad708d8508c3221d9d0d03b0572bcb20e27d908ecc594457
SSDEEP

768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldJQf6:xj+VGMOtEvwDpjk/JQi

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-28_493dd7ec5ab5e24ed6c0b5e1553fc3bf_cryptolocker
- Size
  
  44KB
- MD5
  
  493dd7ec5ab5e24ed6c0b5e1553fc3bf
- SHA1
  
  9fc9f9ce858ed7c7bfa03a8417a134e3c0a7bd6c
- SHA256
  
  34ea79b06469a8f7e0245c21219df4b1f63489ab37c658af9e428a334094dd09
- SHA512
  
  615836295d17d5cf9388377c30173a03b993516f46667f8e53465cfe40b5def0451284c2b528ba86ad708d8508c3221d9d0d03b0572bcb20e27d908ecc594457
- SSDEEP
  
  768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldJQf6:xj+VGMOtEvwDpjk/JQi
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2