e9da6a504a206478d2a7a898a363075ec8492875d3b62c61565e9e33a117e227 | Triage

Sharing

General

Target

2024-09-30_c214cb60973d46d64acc26fc69ed8a0b_cryptolocker
Size

40KB
Sample

240930-c1qq3atcmj
MD5

c214cb60973d46d64acc26fc69ed8a0b
SHA1

69dd634223ee81c033e0daec4d84374b41d7fb3b
SHA256

e9da6a504a206478d2a7a898a363075ec8492875d3b62c61565e9e33a117e227
SHA512

228652dcd39bca91e07e8dd055cbb63950f1e0c4389e355ef8dc7aa828152f15462f8a86af0c757be2ede07b5242b0faa1427f9b4ec7573d5dd011011441f544
SSDEEP

768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4qcx:fT+hsMQMOtEvwDpjoIHl

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-30_c214cb60973d46d64acc26fc69ed8a0b_cryptolocker
- Size
  
  40KB
- MD5
  
  c214cb60973d46d64acc26fc69ed8a0b
- SHA1
  
  69dd634223ee81c033e0daec4d84374b41d7fb3b
- SHA256
  
  e9da6a504a206478d2a7a898a363075ec8492875d3b62c61565e9e33a117e227
- SHA512
  
  228652dcd39bca91e07e8dd055cbb63950f1e0c4389e355ef8dc7aa828152f15462f8a86af0c757be2ede07b5242b0faa1427f9b4ec7573d5dd011011441f544
- SSDEEP
  
  768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4qcx:fT+hsMQMOtEvwDpjoIHl
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2