3afe9034d7ad3ef2645c13a3a353c132edc7aaf376f783478a47ef391ac626e9 | Triage

Sharing

General

Target

2024-10-04_66b03a7ae7096f495ffdee019a443de5_cryptolocker
Size

74KB
Sample

241004-ng8y3s1dpr
MD5

66b03a7ae7096f495ffdee019a443de5
SHA1

2d2339d6e57eff42b4e31f5ff31e273b689fa8db
SHA256

3afe9034d7ad3ef2645c13a3a353c132edc7aaf376f783478a47ef391ac626e9
SHA512

981daf4b4d1ff3b0800135d9a8b77c9c0d233d50be90bd920ce272b8e201a12983325d3d3f542854f32bd5118e727adc06cdf9c324a5339beb812389e15ea487
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/RH:vj+jsMQMOtEvwDpj5HZYTjipvF24pR

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-04_66b03a7ae7096f495ffdee019a443de5_cryptolocker
- Size
  
  74KB
- MD5
  
  66b03a7ae7096f495ffdee019a443de5
- SHA1
  
  2d2339d6e57eff42b4e31f5ff31e273b689fa8db
- SHA256
  
  3afe9034d7ad3ef2645c13a3a353c132edc7aaf376f783478a47ef391ac626e9
- SHA512
  
  981daf4b4d1ff3b0800135d9a8b77c9c0d233d50be90bd920ce272b8e201a12983325d3d3f542854f32bd5118e727adc06cdf9c324a5339beb812389e15ea487
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/RH:vj+jsMQMOtEvwDpj5HZYTjipvF24pR
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2