645149ffa7aba221594d517fdd37e86b11f59d7e714c793e5e4e9398882a5ac5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-29_477be9c410bb1c76bfd4bdaf2354b242_cryptolocker
Size

59KB
Sample

240929-lh8nla1dra
MD5

477be9c410bb1c76bfd4bdaf2354b242
SHA1

3ac428e0616630323ea65183447316ca30bfd6ec
SHA256

645149ffa7aba221594d517fdd37e86b11f59d7e714c793e5e4e9398882a5ac5
SHA512

40625bed14cb30303673761dbd6ab9523cbb3191e13c2b369a1a33d46071c0840c466aacdfadd03650c52ca42e171bbb3ba32d9c0eb19ef4979be0ff8355d01b
SSDEEP

1536:X6QFElP6n+gJQMOtEvwDpjBccD2RuoNmuBLA+vB:X6a+SOtEvwDpjBrOD

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-29_477be9c410bb1c76bfd4bdaf2354b242_cryptolocker
- Size
  
  59KB
- MD5
  
  477be9c410bb1c76bfd4bdaf2354b242
- SHA1
  
  3ac428e0616630323ea65183447316ca30bfd6ec
- SHA256
  
  645149ffa7aba221594d517fdd37e86b11f59d7e714c793e5e4e9398882a5ac5
- SHA512
  
  40625bed14cb30303673761dbd6ab9523cbb3191e13c2b369a1a33d46071c0840c466aacdfadd03650c52ca42e171bbb3ba32d9c0eb19ef4979be0ff8355d01b
- SSDEEP
  
  1536:X6QFElP6n+gJQMOtEvwDpjBccD2RuoNmuBLA+vB:X6a+SOtEvwDpjBrOD
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2