479177de1094de8df6b13bda0347bc803ec8a771af705352ac84b46d72c4d0bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-13_02b75563c83541f7f8f6a60b8da7813d_cryptolocker
Size

42KB
Sample

241013-twcr3szfrp
MD5

02b75563c83541f7f8f6a60b8da7813d
SHA1

e89b6c4dc0998c66a9c8157deec4943d07812efd
SHA256

479177de1094de8df6b13bda0347bc803ec8a771af705352ac84b46d72c4d0bf
SHA512

fb6cba782f3ff811f638022cd0871431427dbeefb4fbcdda06cc08b2519f40aff95c60c2b6619a41e2d71be9d0b30f6642d5f76d4f5f85dc94dcb7c754deb2ca
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrNEfU8:vj+jsMQMOtEvwDpj5HczerNEs8

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-13_02b75563c83541f7f8f6a60b8da7813d_cryptolocker
- Size
  
  42KB
- MD5
  
  02b75563c83541f7f8f6a60b8da7813d
- SHA1
  
  e89b6c4dc0998c66a9c8157deec4943d07812efd
- SHA256
  
  479177de1094de8df6b13bda0347bc803ec8a771af705352ac84b46d72c4d0bf
- SHA512
  
  fb6cba782f3ff811f638022cd0871431427dbeefb4fbcdda06cc08b2519f40aff95c60c2b6619a41e2d71be9d0b30f6642d5f76d4f5f85dc94dcb7c754deb2ca
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrNEfU8:vj+jsMQMOtEvwDpj5HczerNEs8
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2