944f212bf8dbdf95a21af6596a807049e974986b6486b74345fb0d36622040ae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-14_2fe384c4d19bccdc079a0e9a6d89a1ff_cryptolocker
Size

31KB
Sample

241014-cw36lazhpm
MD5

2fe384c4d19bccdc079a0e9a6d89a1ff
SHA1

3b99769a28456e7c2d603c6b4103c3bc7e54bc38
SHA256

944f212bf8dbdf95a21af6596a807049e974986b6486b74345fb0d36622040ae
SHA512

ca4b03b2dcf30af64284298204421c713495bd7d7d0dfc682699fe3faa361be1c8239668d2f9cfaabe16d155bc813b7799f85129614710df939e3877dc01bf52
SSDEEP

768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGbNAKSjNf5:o1KhxqwtdgI2MyzNORQtOflIwoHNV2Xk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-14_2fe384c4d19bccdc079a0e9a6d89a1ff_cryptolocker
- Size
  
  31KB
- MD5
  
  2fe384c4d19bccdc079a0e9a6d89a1ff
- SHA1
  
  3b99769a28456e7c2d603c6b4103c3bc7e54bc38
- SHA256
  
  944f212bf8dbdf95a21af6596a807049e974986b6486b74345fb0d36622040ae
- SHA512
  
  ca4b03b2dcf30af64284298204421c713495bd7d7d0dfc682699fe3faa361be1c8239668d2f9cfaabe16d155bc813b7799f85129614710df939e3877dc01bf52
- SSDEEP
  
  768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGbNAKSjNf5:o1KhxqwtdgI2MyzNORQtOflIwoHNV2Xk
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2