2dcb205e439ecbd1013d70624e5780d3c1b519e84d9fe90540efad4f4c960d60 | Triage

Sharing

General

Target

2024-10-13_fedff42d8959410b71b0836015321df9_cryptolocker
Size

35KB
Sample

241013-dfrcjazenk
MD5

fedff42d8959410b71b0836015321df9
SHA1

ee21e69b63b37123fcc7cdb5e157a19736c7571f
SHA256

2dcb205e439ecbd1013d70624e5780d3c1b519e84d9fe90540efad4f4c960d60
SHA512

3596800a9712b82fdb83702173a45415c3c60fed68d6e50b18cbf7f097f52b541c8ae08d40ed2bb2863232965e52231765f1c17eb463faff048c78709cd883d4
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50ixDdpg:bAvJCYOOvbRPDEgXrNekd7l94i6

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-13_fedff42d8959410b71b0836015321df9_cryptolocker
- Size
  
  35KB
- MD5
  
  fedff42d8959410b71b0836015321df9
- SHA1
  
  ee21e69b63b37123fcc7cdb5e157a19736c7571f
- SHA256
  
  2dcb205e439ecbd1013d70624e5780d3c1b519e84d9fe90540efad4f4c960d60
- SHA512
  
  3596800a9712b82fdb83702173a45415c3c60fed68d6e50b18cbf7f097f52b541c8ae08d40ed2bb2863232965e52231765f1c17eb463faff048c78709cd883d4
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50ixDdpg:bAvJCYOOvbRPDEgXrNekd7l94i6
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2