167213a1768f6877ee63afbfbb19abb5198700b922906919ae492e728e57242e | Triage

Sharing

General

Target

2024-10-14_65da29b664292a9725c46d551d3f92b9_cryptolocker
Size

32KB
Sample

241014-fcm7tayfrh
MD5

65da29b664292a9725c46d551d3f92b9
SHA1

a8d6e3b10676c82c799a2bbef9df4392262faf48
SHA256

167213a1768f6877ee63afbfbb19abb5198700b922906919ae492e728e57242e
SHA512

5aab8383c9ab695c1d0820b26e1368d5f804c2c94426cc19a2cb58ad749a43f9bc76557f985280c8fedde87827e8bdd756f8318694f9750996688604087c7ac2
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzimQs:b/yC4GyNM01GuQMNXw2PSjHeq

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-14_65da29b664292a9725c46d551d3f92b9_cryptolocker
- Size
  
  32KB
- MD5
  
  65da29b664292a9725c46d551d3f92b9
- SHA1
  
  a8d6e3b10676c82c799a2bbef9df4392262faf48
- SHA256
  
  167213a1768f6877ee63afbfbb19abb5198700b922906919ae492e728e57242e
- SHA512
  
  5aab8383c9ab695c1d0820b26e1368d5f804c2c94426cc19a2cb58ad749a43f9bc76557f985280c8fedde87827e8bdd756f8318694f9750996688604087c7ac2
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzimQs:b/yC4GyNM01GuQMNXw2PSjHeq
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2