ac247f0d1d0aa265a1c0d2600c3b1214349faa6ed160289076593fa32999a582 | Triage

Sharing

General

Target

2024-10-12_ba437ca5ab26bcdd74513a54fe98f060_cryptolocker
Size

44KB
Sample

241012-ghenaswhme
MD5

ba437ca5ab26bcdd74513a54fe98f060
SHA1

a56855d81da55f4efd098af4aca70244d61fd131
SHA256

ac247f0d1d0aa265a1c0d2600c3b1214349faa6ed160289076593fa32999a582
SHA512

b65ae437d2b858fbc2ec840abb279254f8fe923930240c45a465c2481529c7ce64a1a915d2545d7749259110b5f0afc33fa3cfc5a1a7d0c3e886f3428b4134ad
SSDEEP

768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldT:xj+VGMOtEvwDpjk/T

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-12_ba437ca5ab26bcdd74513a54fe98f060_cryptolocker
- Size
  
  44KB
- MD5
  
  ba437ca5ab26bcdd74513a54fe98f060
- SHA1
  
  a56855d81da55f4efd098af4aca70244d61fd131
- SHA256
  
  ac247f0d1d0aa265a1c0d2600c3b1214349faa6ed160289076593fa32999a582
- SHA512
  
  b65ae437d2b858fbc2ec840abb279254f8fe923930240c45a465c2481529c7ce64a1a915d2545d7749259110b5f0afc33fa3cfc5a1a7d0c3e886f3428b4134ad
- SSDEEP
  
  768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldT:xj+VGMOtEvwDpjk/T
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2