331d8e6bfd7333aac1156e455591120c505d2ec68c47db1c132e7f3f33983ed3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-09_1297566425e8eff446616d3b5c4c42c8_cryptolocker
Size

74KB
Sample

241009-h72d2axeka
MD5

1297566425e8eff446616d3b5c4c42c8
SHA1

58ef98ef7f3b5a1bb5fa62a14e09fc4f50c754a7
SHA256

331d8e6bfd7333aac1156e455591120c505d2ec68c47db1c132e7f3f33983ed3
SHA512

b32212ceb9a1873b13fe9dfd40c865efdff4626fe4a3c0a41e65adbda1ad13bee0b5a70926fddad28aa6f0f577d34d1c8cb95153e8d6db2a100fb12d482ccbd5
SSDEEP

768:9UQz7yVEhs9+4T/1bytOOtEvwDpjLXOQ69zbjlAAX5e9zP:9Uj+AIMOtEvwDpjLizbR9XwzP

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-09_1297566425e8eff446616d3b5c4c42c8_cryptolocker
- Size
  
  74KB
- MD5
  
  1297566425e8eff446616d3b5c4c42c8
- SHA1
  
  58ef98ef7f3b5a1bb5fa62a14e09fc4f50c754a7
- SHA256
  
  331d8e6bfd7333aac1156e455591120c505d2ec68c47db1c132e7f3f33983ed3
- SHA512
  
  b32212ceb9a1873b13fe9dfd40c865efdff4626fe4a3c0a41e65adbda1ad13bee0b5a70926fddad28aa6f0f577d34d1c8cb95153e8d6db2a100fb12d482ccbd5
- SSDEEP
  
  768:9UQz7yVEhs9+4T/1bytOOtEvwDpjLXOQ69zbjlAAX5e9zP:9Uj+AIMOtEvwDpjLizbR9XwzP
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2