008d9de0542d8340d8b70827eed6392212aea6bf94ff73e334dc0c79f3c8a5ed | Triage

Sharing

General

Target

2024-09-29_2ceffe56f380a23fee0e08aa40e28afa_cryptolocker
Size

43KB
Sample

240929-h6zh2svanl
MD5

2ceffe56f380a23fee0e08aa40e28afa
SHA1

817974158ef082bacb1dcfee3d5d528bc55c4a32
SHA256

008d9de0542d8340d8b70827eed6392212aea6bf94ff73e334dc0c79f3c8a5ed
SHA512

4790f22e91d0bb55a19693841d5c894b287611cdfb74d26caac7f1d411912605c09d09717eb77dbf62bec8ca1e67f5fe77bd4f1c10b2af3a29ec6d24c749aa77
SSDEEP

768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtld+:xj+VGMOtEvwDpjk/+

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-29_2ceffe56f380a23fee0e08aa40e28afa_cryptolocker
- Size
  
  43KB
- MD5
  
  2ceffe56f380a23fee0e08aa40e28afa
- SHA1
  
  817974158ef082bacb1dcfee3d5d528bc55c4a32
- SHA256
  
  008d9de0542d8340d8b70827eed6392212aea6bf94ff73e334dc0c79f3c8a5ed
- SHA512
  
  4790f22e91d0bb55a19693841d5c894b287611cdfb74d26caac7f1d411912605c09d09717eb77dbf62bec8ca1e67f5fe77bd4f1c10b2af3a29ec6d24c749aa77
- SSDEEP
  
  768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtld+:xj+VGMOtEvwDpjk/+
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2