e442e8d16946466195664127fe13f6de50e6dc84b00256c2b1548d849d6b3f6e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-13_d8f11bca90136e802be29704bd563f89_cryptolocker
Size

47KB
Sample

241013-ejvpsssdln
MD5

d8f11bca90136e802be29704bd563f89
SHA1

1223f8ab0e4eb5d3503abb88516a753b4aa50993
SHA256

e442e8d16946466195664127fe13f6de50e6dc84b00256c2b1548d849d6b3f6e
SHA512

f0ccef41e2016f42f12165bf20f53db864fb8f1480fe54c8c23b7de3e041dcf078310d97bfd8c25b37c70b213961c4993cb3f8d39592d4c9be5f74bdb5859690
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4tKMLGokeA2+laALM:vj+jsMQMOtEvwDpj5Ht1qok51RQ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-13_d8f11bca90136e802be29704bd563f89_cryptolocker
- Size
  
  47KB
- MD5
  
  d8f11bca90136e802be29704bd563f89
- SHA1
  
  1223f8ab0e4eb5d3503abb88516a753b4aa50993
- SHA256
  
  e442e8d16946466195664127fe13f6de50e6dc84b00256c2b1548d849d6b3f6e
- SHA512
  
  f0ccef41e2016f42f12165bf20f53db864fb8f1480fe54c8c23b7de3e041dcf078310d97bfd8c25b37c70b213961c4993cb3f8d39592d4c9be5f74bdb5859690
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4tKMLGokeA2+laALM:vj+jsMQMOtEvwDpj5Ht1qok51RQ
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2