5937850aba9e5aa3a9c97f354e51aea5ff0f0a69d8ebaf758745151b31ac5efc | Triage

Sharing

General

Target

2024-09-29_859df5deb86ebe799a048f05f41e866a_cryptolocker
Size

45KB
Sample

240929-nhndrswakg
MD5

859df5deb86ebe799a048f05f41e866a
SHA1

309bce915f3b1c399a6b7099eda456b2c5a5550a
SHA256

5937850aba9e5aa3a9c97f354e51aea5ff0f0a69d8ebaf758745151b31ac5efc
SHA512

7518fd04fae2a456505326c1096c09413793c0c7f8aa15702312eb54bab26fd18505631905b4eaaab82720686374dadf09c16e56487a966457ebb1180503b98b
SSDEEP

768:bCDOw9UiaKHfjnD0S16avdrQFiLjJvtAIie0LHumT:bCDOw9aMDooc+vAlXnT

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-29_859df5deb86ebe799a048f05f41e866a_cryptolocker
- Size
  
  45KB
- MD5
  
  859df5deb86ebe799a048f05f41e866a
- SHA1
  
  309bce915f3b1c399a6b7099eda456b2c5a5550a
- SHA256
  
  5937850aba9e5aa3a9c97f354e51aea5ff0f0a69d8ebaf758745151b31ac5efc
- SHA512
  
  7518fd04fae2a456505326c1096c09413793c0c7f8aa15702312eb54bab26fd18505631905b4eaaab82720686374dadf09c16e56487a966457ebb1180503b98b
- SSDEEP
  
  768:bCDOw9UiaKHfjnD0S16avdrQFiLjJvtAIie0LHumT:bCDOw9aMDooc+vAlXnT
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2