8e4887adfc3d79e352b58a993a5b443ba009269bfc376462c1400032557ddcc5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-12_03c14adef8287c661d5c8265147ab409_cryptolocker
Size

40KB
Sample

241012-g515tasdlm
MD5

03c14adef8287c661d5c8265147ab409
SHA1

95e96068234b9c3d62a1bf6ab8419f5a1df2bd6d
SHA256

8e4887adfc3d79e352b58a993a5b443ba009269bfc376462c1400032557ddcc5
SHA512

54ca1fe1e80d66058c7c25be724d94c900b733e325fd8c4ce55b6873b82175241a167976b15fab733818c44d8517840ed3c39f38f2803d3f78bd1bf64d1b5602
SSDEEP

768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4qc:fT+hsMQMOtEvwDpjoIHL

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-12_03c14adef8287c661d5c8265147ab409_cryptolocker
- Size
  
  40KB
- MD5
  
  03c14adef8287c661d5c8265147ab409
- SHA1
  
  95e96068234b9c3d62a1bf6ab8419f5a1df2bd6d
- SHA256
  
  8e4887adfc3d79e352b58a993a5b443ba009269bfc376462c1400032557ddcc5
- SHA512
  
  54ca1fe1e80d66058c7c25be724d94c900b733e325fd8c4ce55b6873b82175241a167976b15fab733818c44d8517840ed3c39f38f2803d3f78bd1bf64d1b5602
- SSDEEP
  
  768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4qc:fT+hsMQMOtEvwDpjoIHL
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2