5ad413f2c83ec26fa9e2d7e97af6c14445b133f3fe0b056834fb2fcca1f96309 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-05_379e3e486f55db82222dcb35888b1642_cryptolocker
Size

45KB
Sample

241005-h7sf5axaka
MD5

379e3e486f55db82222dcb35888b1642
SHA1

ff427227f99386c6a54c047eb9de2214caf872f0
SHA256

5ad413f2c83ec26fa9e2d7e97af6c14445b133f3fe0b056834fb2fcca1f96309
SHA512

76d42e5d19ec9267b60629048b1e72a555444f9e933b634317a86cb422474f4d8f05d5e8023dca7be8a1437313a0b6c8ef6d031dc20f627fd1e552cdcec84d09
SSDEEP

768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPP:P6QFElP6k+MRQMOtEvwDpjBQpVXi

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-05_379e3e486f55db82222dcb35888b1642_cryptolocker
- Size
  
  45KB
- MD5
  
  379e3e486f55db82222dcb35888b1642
- SHA1
  
  ff427227f99386c6a54c047eb9de2214caf872f0
- SHA256
  
  5ad413f2c83ec26fa9e2d7e97af6c14445b133f3fe0b056834fb2fcca1f96309
- SHA512
  
  76d42e5d19ec9267b60629048b1e72a555444f9e933b634317a86cb422474f4d8f05d5e8023dca7be8a1437313a0b6c8ef6d031dc20f627fd1e552cdcec84d09
- SSDEEP
  
  768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPP:P6QFElP6k+MRQMOtEvwDpjBQpVXi
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2