b32ae1adc33108f9c845a6de802939602d9be03ff3c365c14e7de93ed8d79ea5 | Triage

Sharing

General

Target

2024-10-09_0dc6d8a82180272929bb72a2b8ff1198_cryptolocker
Size

50KB
Sample

241009-e1nykszhpg
MD5

0dc6d8a82180272929bb72a2b8ff1198
SHA1

fd5e95d7adaf622496ee18607bbdcb048ad94b05
SHA256

b32ae1adc33108f9c845a6de802939602d9be03ff3c365c14e7de93ed8d79ea5
SHA512

373043750cc847e6d342f7d49aa47b18bfacddb42bad015a65a175801a4834aa67710eb9d0c16bb12aa1febdc8b79f256fa6a08b4d5e09fb4f29f1eb0d1a84c1
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBaaEqbIu556BlvsTe:X6QFElP6n+gJQMOtEvwDpjB0GIWSlvIe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-09_0dc6d8a82180272929bb72a2b8ff1198_cryptolocker
- Size
  
  50KB
- MD5
  
  0dc6d8a82180272929bb72a2b8ff1198
- SHA1
  
  fd5e95d7adaf622496ee18607bbdcb048ad94b05
- SHA256
  
  b32ae1adc33108f9c845a6de802939602d9be03ff3c365c14e7de93ed8d79ea5
- SHA512
  
  373043750cc847e6d342f7d49aa47b18bfacddb42bad015a65a175801a4834aa67710eb9d0c16bb12aa1febdc8b79f256fa6a08b4d5e09fb4f29f1eb0d1a84c1
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBaaEqbIu556BlvsTe:X6QFElP6n+gJQMOtEvwDpjB0GIWSlvIe
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2