30e3abb812399f2b7139914ed3bd5a6086520059359189debf6e48eb77f27e88 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-10_fd890302842a180fd1043ffe810e131d_cryptolocker
Size

39KB
Sample

241010-ghhpysyfpg
MD5

fd890302842a180fd1043ffe810e131d
SHA1

055edb05b3f6dfeb1f6c5c7c4b1df13aa25b7bad
SHA256

30e3abb812399f2b7139914ed3bd5a6086520059359189debf6e48eb77f27e88
SHA512

37506447556c7915aef39d96665c11cc1b6da3f4cf08616444f69f73009ef5b353519ef4b50346bdc6be444dc3229590edd7ce583c220170300b7e40a88e40a2
SSDEEP

768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+41:fT+hsMQMOtEvwDpjoIH1

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-10_fd890302842a180fd1043ffe810e131d_cryptolocker
- Size
  
  39KB
- MD5
  
  fd890302842a180fd1043ffe810e131d
- SHA1
  
  055edb05b3f6dfeb1f6c5c7c4b1df13aa25b7bad
- SHA256
  
  30e3abb812399f2b7139914ed3bd5a6086520059359189debf6e48eb77f27e88
- SHA512
  
  37506447556c7915aef39d96665c11cc1b6da3f4cf08616444f69f73009ef5b353519ef4b50346bdc6be444dc3229590edd7ce583c220170300b7e40a88e40a2
- SSDEEP
  
  768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+41:fT+hsMQMOtEvwDpjoIH1
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2