03dd085818c08108840f70824a1a3f886a639976f6d909b94cfa090f9ecc6a85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-30_1ea282ba8449629944baa8e1970c5b0d_cryptolocker
Size

67KB
Sample

240930-hayxmszhpq
MD5

1ea282ba8449629944baa8e1970c5b0d
SHA1

8b267c37bbec3d022ddee178efc3fe81a3f7b2b7
SHA256

03dd085818c08108840f70824a1a3f886a639976f6d909b94cfa090f9ecc6a85
SHA512

40fe538538b15f6d6b7ad1430ffc6ff65eb439acec6934e7d769666a3876c854e704584841d886d55a94c96abeba86effb297f419f1b1d8da3e7857490b14867
SSDEEP

1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsijA:BbdDmjr+OtEvwDpjM89

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-30_1ea282ba8449629944baa8e1970c5b0d_cryptolocker
- Size
  
  67KB
- MD5
  
  1ea282ba8449629944baa8e1970c5b0d
- SHA1
  
  8b267c37bbec3d022ddee178efc3fe81a3f7b2b7
- SHA256
  
  03dd085818c08108840f70824a1a3f886a639976f6d909b94cfa090f9ecc6a85
- SHA512
  
  40fe538538b15f6d6b7ad1430ffc6ff65eb439acec6934e7d769666a3876c854e704584841d886d55a94c96abeba86effb297f419f1b1d8da3e7857490b14867
- SSDEEP
  
  1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsijA:BbdDmjr+OtEvwDpjM89
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2