1bd35bf3341ad40e95eddb633bc019a37a46c9ebeba7c14fdd9fed82238570d5 | Triage

Sharing

General

Target

2024-10-09_70cc387460b8ad5c263e27b6101958e6_cryptolocker
Size

61KB
Sample

241009-x5y88awfre
MD5

70cc387460b8ad5c263e27b6101958e6
SHA1

157bcb540de5d668d9f805487f3b5ba42109fae7
SHA256

1bd35bf3341ad40e95eddb633bc019a37a46c9ebeba7c14fdd9fed82238570d5
SHA512

872b6661d5c98f7e8d8429e46941f09d8ff4f2f5f1c7df3341990516cb5c117cb2d60e2146d0fe788b33f0f6fcf77f933eb513ef30745ec48d5c537c7f21d549
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/RvDQeduJHqqnz10LhA:ZzFbxmLPWQMOtEvwDpj386Sj/RsB0Cz

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-09_70cc387460b8ad5c263e27b6101958e6_cryptolocker
- Size
  
  61KB
- MD5
  
  70cc387460b8ad5c263e27b6101958e6
- SHA1
  
  157bcb540de5d668d9f805487f3b5ba42109fae7
- SHA256
  
  1bd35bf3341ad40e95eddb633bc019a37a46c9ebeba7c14fdd9fed82238570d5
- SHA512
  
  872b6661d5c98f7e8d8429e46941f09d8ff4f2f5f1c7df3341990516cb5c117cb2d60e2146d0fe788b33f0f6fcf77f933eb513ef30745ec48d5c537c7f21d549
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/RvDQeduJHqqnz10LhA:ZzFbxmLPWQMOtEvwDpj386Sj/RsB0Cz
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2