3c12386b4f942fedbf0a7d3e69ae2f8d1258b26d5bcb45b74b725c8cd553d0cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-02_20c4ee809ebb5fac3eeeb3b6ac7ae0f8_cryptolocker
Size

91KB
Sample

241002-g5m8ysvfnb
MD5

20c4ee809ebb5fac3eeeb3b6ac7ae0f8
SHA1

6543e48365ab641b7c237de43e1657298f1c2d7e
SHA256

3c12386b4f942fedbf0a7d3e69ae2f8d1258b26d5bcb45b74b725c8cd553d0cf
SHA512

b3bfa79d60a2ea82a8855a5491ae8bba2fb98868a7a3d6ec2856ad8ff9b2600d1bfd024a109bbcba2c53f020af49127fff63412c484e57edd52f78d6dcfe9299
SSDEEP

1536:V6QFElP6n+gMQMOtEvwDpjQGYQbNcqamvWHShl/3F60:V6a+pOtEvwDpjt/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-02_20c4ee809ebb5fac3eeeb3b6ac7ae0f8_cryptolocker
- Size
  
  91KB
- MD5
  
  20c4ee809ebb5fac3eeeb3b6ac7ae0f8
- SHA1
  
  6543e48365ab641b7c237de43e1657298f1c2d7e
- SHA256
  
  3c12386b4f942fedbf0a7d3e69ae2f8d1258b26d5bcb45b74b725c8cd553d0cf
- SHA512
  
  b3bfa79d60a2ea82a8855a5491ae8bba2fb98868a7a3d6ec2856ad8ff9b2600d1bfd024a109bbcba2c53f020af49127fff63412c484e57edd52f78d6dcfe9299
- SSDEEP
  
  1536:V6QFElP6n+gMQMOtEvwDpjQGYQbNcqamvWHShl/3F60:V6a+pOtEvwDpjt/
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2