2cfe973f375a01b5213568d7c35266589ab3566391533942d17e7b7d9b345e50 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-09_d45d3019c1c29c23ca1679a67f5ebd3d_cryptolocker
Size

48KB
Sample

241009-fdh99aydjn
MD5

d45d3019c1c29c23ca1679a67f5ebd3d
SHA1

8178caf27752f1a75cdc10b9689315e81eaa3745
SHA256

2cfe973f375a01b5213568d7c35266589ab3566391533942d17e7b7d9b345e50
SHA512

7b1bfd92f09cfd12ead517dc9003973923fd31b9b2b27b0d5c02a93ab39c66981eb41d1a4434f04a7c2aaabf96f359fb32e9af1ce9d5aa0efc7d7b0b587df687
SSDEEP

768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPyN:P6QFElP6k+MRQMOtEvwDpjBQpVX3N

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-09_d45d3019c1c29c23ca1679a67f5ebd3d_cryptolocker
- Size
  
  48KB
- MD5
  
  d45d3019c1c29c23ca1679a67f5ebd3d
- SHA1
  
  8178caf27752f1a75cdc10b9689315e81eaa3745
- SHA256
  
  2cfe973f375a01b5213568d7c35266589ab3566391533942d17e7b7d9b345e50
- SHA512
  
  7b1bfd92f09cfd12ead517dc9003973923fd31b9b2b27b0d5c02a93ab39c66981eb41d1a4434f04a7c2aaabf96f359fb32e9af1ce9d5aa0efc7d7b0b587df687
- SSDEEP
  
  768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPyN:P6QFElP6k+MRQMOtEvwDpjBQpVX3N
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2